Lucene search
PRIOn knowledge basePRION:CVE-2018-20340HistoryMar 21, 2019 - 4:00 p.m.
Buffer overflow
2019-03-2116:00:00
PRIOn knowledge base
www.prio-n.com
4
Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow. An attacker could use this to attempt to execute malicious code using a crafted USB device masquerading as a security token on a computer where the affected library is currently in use. It is not possible to perform this attack with a genuine YubiKey.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 9.0 | |
| libu2f-host | eq | 1.1.6 |
Related
debian
debian
[SECURITY] [DSA 4389-1] libu2f-host security update
2019-02-11 13:34:28
[SECURITY] [DSA 4389-1] libu2f-host security update
2019-02-11 13:34:28
nessus
nessus
SUSE SLED15 / SLES15 Security Update : libu2f-host (SUSE-SU-2019:1340-1)
2019-05-28 00:00:00
openSUSE Security Update : libu2f-host (openSUSE-2019-1475)
2019-05-31 00:00:00
Debian DSA-4389-1 : libu2f-host - security update
2019-02-12 00:00:00
archlinux
archlinux
[ASA-201902-7] libu2f-host: arbitrary code execution
2019-02-11 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:1340-1)
2021-06-09 00:00:00
Debian: Security Advisory (DSA-4389-1)
2019-02-10 00:00:00
openSUSE: Security Advisory for libu2f-host (openSUSE-SU-2019:1475-1)
2019-05-31 00:00:00
suse
suse
Security update for libu2f-host (low)
2019-05-30 00:00:00
Security update for libu2f-host (low)
2019-02-18 00:00:00
Security update for libu2f-host (moderate)
2021-07-11 00:00:00
ubuntucve
ubuntucve
CVE-2018-20340
2019-02-08 00:00:00
cve
cve
CVE-2018-20340
2019-03-21 16:00:35
debiancve
debiancve
CVE-2018-20340
2019-03-21 16:00:35
osv
osv
libu2f-host - security update
2019-02-11 00:00:00
nvd
nvd
CVE-2018-20340
2019-03-21 16:00:35
cvelist
cvelist
CVE-2018-20340
2019-03-17 20:06:42
yubico
yubico
Security advisory YSA-2019-01 - Yubico
2019-01-29 00:00:00
gentoo
gentoo
libu2f-host: Multiple vulnerabilities
2020-04-30 00:00:00