CVE-2021-22549

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-22549
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22549.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-22549
Published
2021-06-08T14:15:07Z
Modified
2025-10-15T12:33:36.681805Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c

References

Affected packages

Git / github.com/google/asylo

Affected ranges

Type
GIT
Repo
https://github.com/google/asylo
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
ecfcd0008b6f8f63c6fa3cc1b62fcd4a52f2c0ad

Affected versions

buildenv-v0.*

buildenv-v0.2.0
buildenv-v0.2.1
buildenv-v0.2.2
buildenv-v0.3.0
buildenv-v0.3.1
buildenv-v0.3.2
buildenv-v0.3.3
buildenv-v0.3.4
buildenv-v0.4.0
buildenv-v0.4.1
buildenv-v0.5.0
buildenv-v0.5.1
buildenv-v0.5.2
buildenv-v0.5.3
buildenv-v0.6.0
buildenv-v0.6.1
buildenv-v0.6.2

v0.*

v0.2.0
v0.2.1
v0.2.2
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.3.4
v0.3.4.1
v0.4.0
v0.4.1
v0.5.0
v0.5.1
v0.5.2
v0.5.3
v0.6.0
v0.6.1
v0.6.2

Database specific

vanir_signatures

[
    {
        "digest": {
            "length": 1650.0,
            "function_hash": "21751779365540011212385314497561646850"
        },
        "target": {
            "file": "asylo/platform/primitives/sgx/trusted_sgx.cc",
            "function": "TrustedPrimitives::UntrustedCall"
        },
        "deprecated": false,
        "id": "CVE-2021-22549-294286a7",
        "signature_version": "v1",
        "source": "https://github.com/google/asylo/commit/ecfcd0008b6f8f63c6fa3cc1b62fcd4a52f2c0ad",
        "signature_type": "Function"
    },
    {
        "digest": {
            "line_hashes": [
                "179083905881000308098376989869428359499",
                "60969469769883439854187052920275273172",
                "158973668864680343105839233643051257676",
                "169716109713453107107989835106981581474",
                "6366751008183418771220585196240696844",
                "82157595155277274128707151771198432176",
                "162350501195443982016403074865601096771",
                "50358238281516573753538575010370306106",
                "222342804091879002421924179309366382133"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "asylo/platform/primitives/sgx/trusted_sgx.cc"
        },
        "deprecated": false,
        "id": "CVE-2021-22549-880f5987",
        "signature_version": "v1",
        "source": "https://github.com/google/asylo/commit/ecfcd0008b6f8f63c6fa3cc1b62fcd4a52f2c0ad",
        "signature_type": "Line"
    }
]