Yubico Smart Card Driver CVE-2020-13132 Denial of Service Vulnerability

description-logoDescription

An issue was discovered in Yubico WubiKey Smart Card Minidriver versions before 4.1.0.172. An attacker can trigger an incorrect free() in the ykpiv_util_generate_key() function in lib/util.c through incorrect error handling code. This could be used to cause a denial of service attack.

affected-products-logoAffected Applications

YubiKey Smart Card Minidriver

CVE References

CVE-2020-13132