Skip to main content

Asylo CVE-2020-8905

MEDIUM
Classic Buffer Overflow (CWE-120)
2020-08-12 cve-coordination@google.com
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 12, 2020 - 19:15 nvd
MEDIUM 6.5

DescriptionNVD

A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'enc_untrusted_recvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of the third 'extents' is controlled by the outside world, and not verified on copy, allowing the attacker to force Asylo to copy trusted memory data into an untrusted buffer of significantly small length.. We recommend updating Asylo to version 0.6.0 or later.

AnalysisAI

A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Technical ContextAI

This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'enc_untrusted_recvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of the third 'extents' is controlled by the outside world, and not verified on copy, allowing the attacker to force Asylo to copy trusted memory data into an untrusted buffer of significantly small length.. We recommend updating Asylo to version 0.6.0 or later. Affected products include: Google Asylo. Version information: prior to 0.6.0.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.

More in Asylo

View all
CVE-2020-8904 CRITICAL
9.6 Aug 12

An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. Rated crit

CVE-2021-22552 MEDIUM POC
5.5 Aug 02

An untrusted memory read vulnerability in Asylo versions up to 0.6.1 allows an untrusted attacker to pass a syscall numb

CVE-2020-8944 MEDIUM POC
5.5 Dec 15

An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to eca

CVE-2021-22550 HIGH
7.8 Jun 08

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave.

CVE-2021-22549 HIGH
7.8 Jun 08

An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. Rated high severity

CVE-2021-22548 HIGH
7.8 Jun 08

An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted me

CVE-2020-8935 HIGH
7.8 Dec 15

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecall_restore fun

CVE-2020-8943 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8942 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8941 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8940 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8939 MEDIUM
5.5 Dec 15

An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by

Share

CVE-2020-8905 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy