In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device.
References
Configurations
History
07 Nov 2023, 03:13
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (MISC) https://developers.yubico.com/libu2f-host/Release_Notes.html - Vendor Advisory, Release Notes |
Information
Published : 2019-03-05 23:29
Updated : 2023-12-10 12:59
NVD link : CVE-2019-9578
Mitre link : CVE-2019-9578
CVE.ORG link : CVE-2019-9578
JSON object : View
Products Affected
yubico
- libu2f-host
CWE
CWE-908
Use of Uninitialized Resource