While exploring use of PKCS #11 devices in #OpenPGP contexts, I stumbled over a bug (and potential security issue) in the yubihsm_pkcs11.so driver for #YubiHSM devices.

Long form text by Christian Reitter (who walked me through the coordinated disclosure process with #Yubico, and did amazing work analyzing and writing up the issue):
https://blog.inhq.net/posts/yubico-yubihsm-pkcs-vuln/

Yubico advisory: https://www.yubico.com/support/security-advisories/ysa-2023-01/

#CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39908

(Thanks again to @sovtechfund for funding my #PKCS11 work)