Lucene search
GoogleOSV:CVE-2021-22552HistoryAug 02, 2021 - 4:15 p.m.
CVE-2021-22552
2021-08-0216:15:07
Google
osv.dev
1
An untrusted memory read vulnerability in Asylo versions up to 0.6.1 allows an untrusted attacker to pass a syscall number in MessageReader that is then used by sysno() and can bypass validation. This can allow the attacker to read memory from within the secure enclave. We recommend updating to Asylo 0.6.3 or past https://github.com/google/asylo/commit/90d7619e9dd99bcdb6cd28c7649d741d254d9a1a
| CPE | Name | Operator | Version |
|---|---|---|---|
| asylo | eq | buildenv-v0.2.0 | |
| asylo | eq | buildenv-v0.5.2 | |
| asylo | eq | buildenv-v0.5.0 | |
| asylo | eq | buildenv-v0.3.3 | |
| asylo | eq | buildenv-v0.2.1 | |
| asylo | eq | 0.3.1 | |
| asylo | eq | 0.2.2 | |
| asylo | eq | 0.4.0 | |
| asylo | eq | 0.5.3 | |
| asylo | eq | 0.2.0 |
Related
cnvd
cnvd
Google Asylo memory read vulnerability
2021-08-05 00:00:00
cve
cve
CVE-2021-22552
2021-08-02 16:15:07
prion
prion
Input validation
2021-08-02 16:15:00
nvd
nvd
CVE-2021-22552
2021-08-02 16:15:07
cvelist
cvelist
CVE-2021-22552 Memory overread secure enclave in Asylo 0.6.2
2021-06-03 00:00:00