An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecall_restore function call to reallocate untrusted code and overwrite sections of the Enclave memory address. We recommend updating your library.
References
Link | Resource |
---|---|
https://github.com/google/asylo/commit/ed0926bff0e423cd122a18b3d2fc772817f66825 | Patch Third Party Advisory |
Configurations
Information
Published : 2020-12-15 07:15
Updated : 2021-07-21 04:39
NVD link : CVE-2020-8935
Mitre link : CVE-2020-8935
JSON object : View
CWE
Products Affected
- asylo