AR# 72994

Design Advisory for Zynq UltraScale+ MPSoC/RFSoC - 2019.1 XilSKey: PPK Hash buffer overflow


This Design Advisory covers an issues with the 2019.1 (and older) versions of the Zynq UltraScale+ MPSoC/RFSoC XilSKey library.

The XilSKey_EfusePs_ConvertBytesBeToLe() function call overflows the PPK Hash buffer (48 bytes) by 4 bytes.

This is a buffer overflow vulnerability.

For more information on how to sign up to receive notifications for new Design Advisories, see (Xilinx Answer 18683).


A patch for the 2019.1 version is attached to this Answer Record

This issue has been addressed in the 2019.2 version of XilSKey.


文件名 文件大小 File Type 501 KB ZIP
AR# 72994
日期 11/08/2019
状态 Active
Type 设计咨询
Tools More Less