An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect free() in the ykpiv_util_generate_key() function in lib/util.c through incorrect error handling code. This could be used to cause a denial of service attack.
CPE | Name | Operator | Version |
---|---|---|---|
libykpiv | lt | 2.1.0 | |
piv_tool_manager | lt | 2.0.0 | |
yubikey_smart_card_minidriver | le | 4.1.0.172 |