Uninitialized Stack Memory Leak in Yubico libu2f-host

Uninitialized Stack Memory Leak in Yubico libu2f-host

CVE-2019-9578 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device.

Learn more about our Web Application Penetration Testing UK.