VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 14, 2023· Updated Oct 9, 2024

CVE-2023-39908

CVE-2023-39908

Description

YubiHSM 2 SDK PKCS11 module before 2023.01.1 leaks up to 8192 bytes of uninitialized stack memory via C_GetAttributeValue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

YubiHSM 2 SDK PKCS11 module before 2023.01.1 leaks up to 8192 bytes of uninitialized stack memory via C_GetAttributeValue.

Vulnerability

The PKCS11 module of the YubiHSM 2 SDK (versions up to and including 2023.01) contains a flaw in the populate_template() function (in util_pkcs11.c) where a local stack buffer CK_BYTE tmp[8192] is used without prior initialization [1]. When handling C_GetAttributeValue() calls for certificate attributes like CKA_SERIAL_NUMBER, the library passes the size of this uninitialized buffer as the length parameter to subsequent functions, leading to the disclosure of up to 8192 bytes of previously used stack memory to the caller [1][2].

Exploitation

An attacker must have an authenticated session with a YubiHSM 2 device and be able to invoke the PKCS#11 C_GetAttributeValue function for specific object metadata. No additional privileges or user interaction beyond authentication are required [2]. By crafting a request for a certificate attribute, the attacker triggers the vulnerable code path, causing the library to return uninitialized heap or stack memory [1].

Impact

Successful exploitation results in the disclosure of up to 8192 bytes of uninitialized memory from the application's stack, which may contain sensitive data from previous function calls. This compromises the confidentiality of the calling process memory but does not affect secrets stored within the HSM itself [2]. The CVSS score is 4.4 (medium severity) [2].

Mitigation

Yubico released a fix in YubiHSM 2 SDK version 2023.01.1 (or later). Affected users should upgrade to the latest SDK [2]. No workaround is available; the vulnerability is fixed in the updated version. The advisory notes that only users who have integrated the PKCS11 module are affected; standalone yubihsm-shell binaries are not impacted [2].

References
  1. Yubico YubiHSM PKCS#11 Library Vulnerability (CVE-2023-39908)
  2. Security Advisory YSA-2023-01

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

Root cause

"Missing zero-initialization of a stack buffer combined with code paths that return the buffer without writing any data, leading to disclosure of uninitialized and previously used memory."

Attack vector

An authenticated attacker who can invoke the affected PKCS#11 operations (specifically `get_attribute_opaque()` on object attributes such as `CKA_SUBJECT`, `CKA_ISSUER`, or `CKA_SERIAL_NUMBER`) triggers the bug. The function allocates an uninitialized 8192-byte stack buffer `tmp` and, for certain attribute types, returns the buffer's contents without first writing any data into it [ref_id=1]. This causes uninitialized and previously used stack memory to be disclosed to the caller. The CVSS 4.4 (Medium) score reflects the need for high-privilege authentication and network access, though the practical impact depends on what sensitive data resides on the stack of the integrating application [ref_id=1].

Affected code

The vulnerability resides in the `get_attribute_opaque()` function in `util_pkcs11.c` (line R5179). The code uses a stack buffer `CK_BYTE tmp[8192]` that is not zero-initialized, and under certain code paths (e.g., `CKA_SUBJECT`, `CKA_ISSUER`, `CKA_SERIAL_NUMBER`) the function returns without writing any data into `tmp`, leaving uninitialized stack memory exposed to the caller [ref_id=1].

What the fix does

The patch introduces two fixes. First, in `get_attribute_opaque()`, the problematic code paths for `CKA_SUBJECT`, `CKA_ISSUER`, and `CKA_SERIAL_NUMBER` now set the output pointer to `NULL` and the length to `0` before breaking, preventing any uninitialized data from being returned [ref_id=1]. Second, the stack buffer initialization is changed from `CK_BYTE tmp[8192];` to `CK_BYTE tmp[8192] = {0};`, ensuring the buffer is zeroed even if other code paths inadvertently return it without writing [ref_id=1]. Together these changes close the information leak by ensuring no uninitialized memory can be disclosed.

Preconditions

  • authAttacker must be authenticated with high privileges (PR:H) to invoke the affected PKCS#11 operations
  • networkThe integrating application must expose the PKCS#11 interface over a network (AV:N)
  • inputAttacker must call get_attribute_opaque() on object attributes CKA_SUBJECT, CKA_ISSUER, or CKA_SERIAL_NUMBER

Generated on May 26, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

2

News mentions

0

No linked articles in our index yet.