CVE-2018-14780
- Source
- https://cve.org/CVERecord?id=CVE-2018-14780
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14780.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-14780
- Downstream
- Related
- Published
- 2018-08-15T18:29:00.887Z
- Modified
- 2026-03-15T22:19:12.012070Z
- Severity
-
- 4.6 (Medium) CVSS_V3 - CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function
_ykpiv_fetch_object(): {% highlight c %} if(sw == SWSUCCESS) { sizet outlen; int offs = ykpivgetlength(data + 1, &outlen); if(offs == 0) { return YKPIVSIZEERROR; } memmove(data, data + 1 + offs, outlen); *len = outlen; return YKPIVOK; } else { return YKPIVGENERICERROR; } {% endhighlight %} -- in the end, amemmove()occurs with a length retrieved from APDU data. This length is not checked for whether it is outside of the APDU data retrieved. Therefore thememmove()could copy bytes behind the allocated data buffer into this buffer. - References
Affected packages
Git /
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14780.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.2b"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.2c"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.2d"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.2e"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.2f"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.4.2g"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.7.3.160"
}
]
}
]