This Design Advisory covers an issue with the 2019.1 (and older) versions of the Zynq UltraScale+ MPSoC/RFSoC XilSKey library.
The XilSKey_EfusePs_ConvertBytesBeToLe() function call overflows the PPK Hash buffer (48 bytes) by 4 bytes.
This is a buffer overflow vulnerability.
For more information on how to sign up to receive notifications for new Design Advisories, see (Xilinx Answer 18683).
A patch for the 2019.1 version is attached to this Answer Record.
This issue has been addressed in the 2019.2 version of XilSKey.