Description
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on UntrustedLocalMemcpy, which fails to validate where the pointer is located. This allows an attacker to write memory values from within the enclave. We recommend upgrading past commit a37fb6a0e7daf30134dbbf357c9a518a1026aa02
References (1)
Core 1
Core References
Patch, Third Party Advisory x_refsource_confirm
https://github.com/google/asylo/commit/a37fb6a0e7daf30134dbbf357c9a518a1026aa02
Scores
CVSS v3
5.3
EPSS
0.0002
EPSS Percentile
4.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
Details
CWE
CWE-120
CWE-787
Status
published
Products (1)
google/asylo
< 0.6.0
Published
Dec 15, 2020
Tracked Since
Feb 18, 2026