2 matches found
CVE-2020-8944
An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to ecallrestore using the attribute output which fails to check the range of a pointer. An attacker can use this pointer to write to arbitrary memory addresses including those within...
CVE-2020-8944
The CVE-2020-8944 issue affects Asylo up to version 0.6.0 where an unchecked pointer range in the ecall_restore path allows an attacker to write arbitrary memory, including within a secure enclave. The root cause is the failure to validate the pointer range in the attribute output, enabling a loc...