Ubuntu 4276-1: Yubico PIV Tool vulnerabilities

    Date 11 Feb 2020
    Posted By LinuxSecurity Advisories
    Yubico PIV Tool could be made to crash or run programs as an administrator if it received specially crafted input.
    Ubuntu Security Notice USN-4276-1
    February 11, 2020
    Yubico PIV Tool vulnerabilities
    A security issue affects these releases of Ubuntu and its derivatives:
    - Ubuntu 18.04 LTS
    Yubico PIV Tool could be made to crash or run programs as an administrator if it
    received specially crafted input.
    Software Description:
    - yubico-piv-tool: Command line tool for the YubiKey PIV applet
    It was discovered that libykpiv, a supporting library of the Yubico PIV
    Tool and YubiKey PIV Manager, mishandled specially crafted input. An
    attacker with a custom-made, malicious USB device could potentially execute
    arbitrary code on a computer running the Yubico PIV Tool or Yubikey PIV
    Update instructions:
    The problem can be corrected by updating your system to the following
    package versions:
    Ubuntu 18.04 LTS:
      libykpiv1                       1.4.2-2ubuntu0.1
      ykcs11                          1.4.2-2ubuntu0.1
      yubico-piv-tool                 1.4.2-2ubuntu0.1
    After a standard system update you need to reboot your computer to make
    all the necessary changes.
      CVE-2018-14779, CVE-2018-14780
    Package Information:

    LinuxSecurity Poll

    Do you feel that the Lawful Access to Encrypted Data Act, which aims to force encryption backdoors, is a threat to US citizens' privacy?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"106","title":"Yes - I am a privacy advocate and I am strongly opposed to this bill.","votes":"23","type":"x","order":"1","pct":95.83,"resources":[]},{"id":"107","title":"I'm undecided - it has its pros and cons.","votes":"1","type":"x","order":"2","pct":4.17,"resources":[]},{"id":"108","title":"No - I support this bill and feel that it will help protect against crime and threats to our national security. ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200


    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.