CVE-2021-22549

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-22549

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22549.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-22549

Published

2021-06-08T14:15:07Z

Modified

2025-09-19T12:32:20.645962Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c

References

https://github.com/google/asylo/commit/ecfcd0008b6f8f63c6fa3cc1b62fcd4a52f2c0ad

Affected packages

Git / github.com/google/asylo

Affected ranges

Type: GIT
Repo: https://github.com/google/asylo
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

ecfcd0008b6f8f63c6fa3cc1b62fcd4a52f2c0ad

Affected versions

buildenv-v0.*

buildenv-v0.2.0

buildenv-v0.2.1

buildenv-v0.2.2

buildenv-v0.3.0

buildenv-v0.3.1

buildenv-v0.3.2

buildenv-v0.3.3

buildenv-v0.3.4

buildenv-v0.4.0

buildenv-v0.4.1

buildenv-v0.5.0

buildenv-v0.5.1

buildenv-v0.5.2

buildenv-v0.5.3

buildenv-v0.6.0

buildenv-v0.6.1

buildenv-v0.6.2

v0.*

v0.2.0

v0.2.1

v0.2.2

v0.3.0

v0.3.1

v0.3.2

v0.3.3

v0.3.4

v0.3.4.1

v0.4.0

v0.4.1

v0.5.0

v0.5.1

v0.5.2

v0.5.3

v0.6.0

v0.6.1

v0.6.2

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "function_hash": "21751779365540011212385314497561646850",
                "length": 1650.0
            },
            "signature_type": "Function",
            "source": "https://github.com/google/asylo/commit/ecfcd0008b6f8f63c6fa3cc1b62fcd4a52f2c0ad",
            "signature_version": "v1",
            "target": {
                "file": "asylo/platform/primitives/sgx/trusted_sgx.cc",
                "function": "TrustedPrimitives::UntrustedCall"
            },
            "deprecated": false,
            "id": "CVE-2021-22549-294286a7"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "179083905881000308098376989869428359499",
                    "60969469769883439854187052920275273172",
                    "158973668864680343105839233643051257676",
                    "169716109713453107107989835106981581474",
                    "6366751008183418771220585196240696844",
                    "82157595155277274128707151771198432176",
                    "162350501195443982016403074865601096771",
                    "50358238281516573753538575010370306106",
                    "222342804091879002421924179309366382133"
                ]
            },
            "signature_type": "Line",
            "source": "https://github.com/google/asylo/commit/ecfcd0008b6f8f63c6fa3cc1b62fcd4a52f2c0ad",
            "signature_version": "v1",
            "target": {
                "file": "asylo/platform/primitives/sgx/trusted_sgx.cc"
            },
            "deprecated": false,
            "id": "CVE-2021-22549-880f5987"
        }
    ]
}