How severe is CVE-2018-14779?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2018-14779?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2018-14779 - MEDIUM Severity | CVSS 6.8

Vulnerability Description

A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data()`: {% highlight c %} if(*out_len + recv_len - 2 > max_out) { fprintf(stderr, "Output buffer to small, wanted to write %lu, max was %lu.", *out_len + recv_len - 2, max_out); } if(out_data) { memcpy(out_data, data, recv_len - 2); out_data += recv_len - 2; *out_len += recv_len - 2; } {% endhighlight %} -- it is clearly checked whether the buffer is big enough to hold the data copied using `memcpy()`, but no error handling happens to avoid the `memcpy()` in such cases. This code path can be triggered with malicious data coming from a smartcard.

Related Vulnerabilities

CVE-2015-4049

MEDIUM

CVSS:6.8(Medium)

Unisys Libra 43xx, 63xx, and 83xx, and FS600 class systems with MCP-FIRMWARE 40.0 before 40.0IC4 Build 270 might allow remote authenticated users to cause a denial of service (data corruption or syste...

CWE-1192015

CVE-2016-1734

MEDIUM

CVSS:6.8(Medium)

AppleUSBNetworking in Apple iOS before 9.3 and OS X before 10.11.4 allows physically proximate attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corrupti...

CWE-1192016

CVE-2016-8633

MEDIUM

CVSS:6.8(Medium)

drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.

CWE-1192016

CVE-2017-0706

MEDIUM

CVSS:6.8(Medium)

A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-35195787. References: B-RB#120532.

CWE-1192017

CVE-2017-10814

MEDIUM

CVSS:6.8(Medium)

Buffer overflow in CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary code via unspecified vectors.

CWE-1192017

CVE-2017-16534

MEDIUM

CVSS:6.8(Medium)

The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have...

CWE-1192017