Vulnerability Description
An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would lead to out-of-bounds read and write operations in the session array. This could be used by an attacker to cause a denial of service attack.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yubico | Yubihsm-Shell | <= 2.0.2 |
| Fedoraproject | Fedora | 33 |
Related Weaknesses (CWE)
References
- https://blog.inhq.net/posts/yubico-libyubihsm-vuln/ExploitThird Party Advisory
- https://developers.yubico.com/yubihsm-shell/Vendor Advisory
- https://github.com/Yubico/yubihsm-shellThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://www.yubico.com/support/security-advisories/ysa-2020-06/Vendor Advisory
- https://blog.inhq.net/posts/yubico-libyubihsm-vuln/ExploitThird Party Advisory
- https://developers.yubico.com/yubihsm-shell/Vendor Advisory
- https://github.com/Yubico/yubihsm-shellThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://www.yubico.com/support/security-advisories/ysa-2020-06/Vendor Advisory
FAQ
What is CVE-2020-24387?
CVE-2020-24387 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would ...
How severe is CVE-2020-24387?
CVE-2020-24387 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-24387?
Check the references section above for vendor advisories and patch information. Affected products include: Yubico Yubihsm-Shell, Fedoraproject Fedora.