Lucene search
GoogleOSV:CVE-2020-24388HistoryOct 19, 2020 - 8:15 p.m.
CVE-2020-24388
2020-10-1920:15:12
Google
osv.dev
2
An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2. The function does not validate the embedded length field of a message received from the device. This could lead to an oversized memcpy() call that will crash the running process. This could be used by an attacker to cause a denial of service.
| CPE | Name | Operator | Version |
|---|---|---|---|
| yubihsm-shell | eq | 2.0.0 | |
| yubihsm-shell | eq | 2.0.1 | |
| yubihsm-shell | eq | 2.0.2 |
Related
nvd
nvd
CVE-2020-24388
2020-10-19 20:15:12
cve
cve
CVE-2020-24388
2020-10-19 20:15:12
prion
prion
Denial of service
2020-10-19 20:15:00
cvelist
cvelist
CVE-2020-24388
2020-10-19 19:41:33
nessus
nessus
Fedora 33 : yubihsm-shell (2020-8afd443d46)
2020-10-29 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: yubihsm-shell-2.0.3-1.fc33
2020-10-29 01:09:06
openvas
openvas
Fedora: Security Advisory for yubihsm-shell (FEDORA-2020-8afd443d46)
2020-10-29 00:00:00
yubico
yubico
Security Advisory YSA-2020-06 - Yubico
2020-06-02 00:00:00