Asylo Security Vulnerabilities and Issues — Asylo CVE List

Lucene search

GoogleAsylo

4 matches found

CVE•added 2021/06/08 2:15 p.m.•39 views

CVE-2021-22549

An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c

7.8CVSS7AI score0.00018EPSS

CVE•added 2021/06/08 2:15 p.m.•36 views

CVE-2021-22550

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It is recommended to update past 0.6.3 or git commit https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c

7.8CVSS7AI score0.00018EPSS

CVE•added 2020/12/15 3:15 p.m.•35 views

CVE-2020-8935

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecall_restore function call to reallocate untrusted code and overwrite sections of the Enclave memory address. We recommend updating your library.

7.8CVSS7.6AI score0.00017EPSS

CVE•added 2021/06/08 2:15 p.m.•31 views

CVE-2021-22548

An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. It is recommended to update past 0.6.2 or git commit ht...

7.8CVSS6.9AI score0.00018EPSS