AR# 72994

Design Advisory for Zynq UltraScale+ MPSoC/RFSoC - 2019.1 XilSKey: PPK Hash buffer overflow

Description

This Design Advisory covers an issue with the 2019.1 (and older) versions of the Zynq UltraScale+ MPSoC/RFSoC XilSKey library.

The XilSKey_EfusePs_ConvertBytesBeToLe() function call overflows the PPK Hash buffer (48 bytes) by 4 bytes.

This is a buffer overflow vulnerability.

For more information on how to sign up to receive notifications for new Design Advisories, see (Xilinx Answer 18683).

Solution

A patch for the 2019.1 version is attached to this Answer Record.

This issue has been addressed in the 2019.2 version of XilSKey.

Attachments

Associated Attachments

Name                                      File Size   File Type
AR72994_sdk_2019_1_preliminary_rev1.zip   501 KB      ZIP
Date 11/08/2019
Status Active
Type Design Advisory