Insufficient Length Validation in Yubico libykpiv Affects Sensitive Information Security
CVE-2020-13131
4.3 MEDIUM
What is CVE-2020-13131?
An issue in Yubico's libykpiv library, specifically in the lib/util.c file, can lead to insecure handling of length fields during communication with PIV tokens. The flaw allows a malicious PIV token to misrepresent length fields during the RSA key generation process, resulting in a potential leak of memory contents in which sensitive data, such as PINs, passwords, and cryptographic keys, could be exposed. Stack memory may inadvertently be copied into heap memory, and when the caller processes that heap buffer, the sensitive information can cross trust boundaries, posing significant security risks.
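The bug class described above, a length field taken from the token and used for a copy without being checked against the number of bytes actually received, is shown here in a simplified form. This is an added illustration written for this page; it is not libykpiv's code, and the one-byte tag / one-byte length response layout, the function names and the sample bytes are all constructed for the example rather than taken from the PIV protocol or the affected library.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed response layout (hypothetical, not the real PIV encoding):
   one tag byte, one length byte, then the value bytes. The responder
   (the token) controls every byte, including the length. */

/* VULNERABLE pattern: the length byte is trusted. A response that claims
   more bytes than were received makes memcpy read past the end of the
   caller's (stack) receive buffer and copy whatever follows it into a
   heap buffer that is later handed to other code. */
unsigned char *extract_value_unchecked(const unsigned char *resp,
                                       size_t *out_len)
{
    size_t len = resp[1];              /* responder-controlled */
    unsigned char *value = malloc(len ? len : 1);
    if (!value) return NULL;
    memcpy(value, resp + 2, len);      /* never compared to bytes received */
    *out_len = len;
    return value;
}

/* HARDENED pattern: the claimed length must fit inside the bytes that were
   actually received; anything else is rejected before any copy happens.
   Returns 0 on success (caller frees *out), -1 on a malformed response. */
int extract_value_checked(const unsigned char *resp, size_t resp_len,
                          unsigned char **out, size_t *out_len)
{
    if (resp == NULL || resp_len < 2) return -1;   /* no room for tag+len */
    size_t len = resp[1];
    if (len > resp_len - 2) return -1;             /* claims more than sent */
    unsigned char *value = malloc(len ? len : 1);
    if (!value) return -1;
    memcpy(value, resp + 2, len);                  /* bounded by the check */
    *out = value;
    *out_len = len;
    return 0;
}

/* Convenience wrapper: parse with the hardened routine, report the
   decision and the accepted length, and release the buffer. */
int check_response(const unsigned char *resp, size_t resp_len, size_t *got_len)
{
    unsigned char *v = NULL;
    size_t n = 0;
    int rc = extract_value_checked(resp, resp_len, &v, &n);
    if (rc == 0) {
        if (got_len) *got_len = n;
        free(v);
    }
    return rc;
}

int main(void)
{
    /* Constructed sample: well-formed reply carrying a 4-byte value. */
    unsigned char good[] = { 0x7F, 0x04, 0xDE, 0xAD, 0xBE, 0xEF };
    /* Constructed sample: reply that claims 200 bytes but carries only 4. */
    unsigned char bad[]  = { 0x7F, 0xC8, 0xDE, 0xAD, 0xBE, 0xEF };
    size_t n = 0;

    printf("well-formed reply: %s (value length %zu)\n",
           check_response(good, sizeof good, &n) == 0 ? "accepted" : "rejected", n);
    printf("over-long length:  %s\n",
           check_response(bad, sizeof bad, NULL) == 0 ? "accepted" : "rejected");
    return 0;
}
```

The unchecked routine is included only to make the defect visible; the program never calls it with the malformed sample, because doing so would read beyond the receive buffer. The hardened routine's single comparison of the claimed length against the bytes actually received is the check whose absence the advisory describes.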