11 matches found
EUVD-2020-7220
Malware in sbrugna...
CVE-2020-15107
In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface ABI for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an...
CVE-2023-37479 Improper sanitization of MXCSR and RFLAGS in OpenEnclave
Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...
CVE-2023-37479 Improper sanitization of MXCSR and RFLAGS in OpenEnclave
Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...
SGXRay - Automating Vulnerability Detection for SGX Apps
Intel SGX protects isolated application logic and sensitive data inside an enclave with hardware-based memory encryption. To use such hardware-based security mechanism requires a strict programming model on memory usage, with complex APIs in and out the enclave boundary. Enclave developers are...
Microsoft OpenEnclave 权限许可和访问控制问题漏洞
Microsoft OpenEnclave is a software development kit from Microsoft Corporation USA. A vulnerability exists in microsoft OpenEnclave with privilege license and access control issues. The following products and versions are affected: Open Enclave SDK...
CVE-2020-15107
In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface ABI for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an...
CVE-2020-15107
In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface ABI for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an...
Design/Logic Flaw
In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface ABI for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an...
CVE-2020-15107 x87 FPU operations in enclaves are vulnerable to ABI poisoning in openenclave
In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface ABI for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an...
CVE-2020-15107
CVE-2020-15107 affects OpenEnclave up to version 0.10.0: enclaves performing x87 FPU operations can be tampered by a malicious host app that violates the Linux SYSV ABI, compromising execution integrity and enabling potential side-channel attacks depending on FPU config. The issue has been fixed ...