Google Asylo is a framework for developing trusted applications from Google, a US-based company. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation.Google Asylo in version 0.6.1 has a memory read vulnerability vulnerability that allows an untrusted attacker to pass a syscall number in the MessageReader, which is then used by sysno() and can bypass authentication. An attacker is able to read memory from the security enclave.
CPE | Name | Operator | Version |
---|---|---|---|
google google asylo | eq | 0.6.1 |