Skip to main content

Asylo CVE-2020-8937

LOW
Classic Buffer Overflow (CWE-120)
2020-12-15 cve-coordination@google.com
3.3
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.3 LOW
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Dec 15, 2020 - 15:15 nvd
LOW 3.3

DescriptionNVD

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on UntrustedLocalMemcpy, which fails to validate where the pointer is located. This allows an attacker to write memory values from within the enclave. We recommend upgrading past commit a37fb6a0e7daf30134dbbf357c9a518a1026aa02

AnalysisAI

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Technical ContextAI

This vulnerability is classified as Buffer Copy without Size Check (CWE-120), which allows attackers to overflow a buffer to corrupt adjacent memory. An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on UntrustedLocalMemcpy, which fails to validate where the pointer is located. This allows an attacker to write memory values from within the enclave. We recommend upgrading past commit a37fb6a0e7daf30134dbbf357c9a518a1026aa02 Affected products include: Google Asylo. Version information: up to 0.6.0.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Always validate buffer sizes before copy operations. Use bounded functions (strncpy, snprintf). Enable compiler protections.

More in Asylo

View all
CVE-2020-8904 CRITICAL
9.6 Aug 12

An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. Rated crit

CVE-2021-22552 MEDIUM POC
5.5 Aug 02

An untrusted memory read vulnerability in Asylo versions up to 0.6.1 allows an untrusted attacker to pass a syscall numb

CVE-2020-8944 MEDIUM POC
5.5 Dec 15

An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to eca

CVE-2021-22550 HIGH
7.8 Jun 08

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave.

CVE-2021-22549 HIGH
7.8 Jun 08

An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. Rated high severity

CVE-2021-22548 HIGH
7.8 Jun 08

An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted me

CVE-2020-8935 HIGH
7.8 Dec 15

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecall_restore fun

CVE-2020-8905 MEDIUM
6.5 Aug 12

A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should no

CVE-2020-8943 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8942 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8941 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

CVE-2020-8940 MEDIUM
5.5 Dec 15

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_

Share

CVE-2020-8937 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy