Yubico pam-u2f is a PAM module for FIDO2 and U2F keys.
Multiple vulnerabilities have been discovered in Yubico pam-u2f. Please review the CVE identifiers referenced below for details.
Depending on specific settings and usage scenarios the result of the pam-u2f module may be altered or ignored.
There is no known workaround at this time.
All Yubico pam-u2f users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-auth/pam_u2f-1.3.2"