CVE-2021-22550

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-22550

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22550.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-22550

Published

2021-06-08T14:15:07.873Z

Modified

2025-11-14T11:27:44.596192Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It is recommended to update past 0.6.3 or git commit https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c

References

https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c

Affected packages

Git / github.com/google/asylo

Affected ranges

Type: GIT
Repo: https://github.com/google/asylo
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a47ef55db2337d29de19c50cd29b0deb2871d31c

Affected versions

buildenv-v0.*

buildenv-v0.2.0

buildenv-v0.2.1

buildenv-v0.2.2

buildenv-v0.3.0

buildenv-v0.3.1

buildenv-v0.3.2

buildenv-v0.3.3

buildenv-v0.3.4

buildenv-v0.4.0

buildenv-v0.4.1

buildenv-v0.5.0

buildenv-v0.5.1

buildenv-v0.5.2

buildenv-v0.5.3

buildenv-v0.6.0

buildenv-v0.6.1

buildenv-v0.6.2

v0.*

v0.2.0

v0.2.1

v0.2.2

v0.3.0

v0.3.1

v0.3.2

v0.3.3

v0.3.4

v0.3.4.1

v0.4.0

v0.4.1

v0.5.0

v0.5.1

v0.5.2

v0.5.3

v0.6.0

v0.6.1

v0.6.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22550.json"

vanir_signatures

[
    {
        "digest": {
            "function_hash": "324340882865174162518142847362939396353",
            "length": 608.0
        },
        "id": "CVE-2021-22550-a190eb25",
        "signature_type": "Function",
        "source": "https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c",
        "target": {
            "function": "UntrustedCacheMalloc::GetBuffer",
            "file": "asylo/platform/primitives/sgx/untrusted_cache_malloc.cc"
        },
        "deprecated": false,
        "signature_version": "v1"
    },
    {
        "digest": {
            "line_hashes": [
                "302266554857286136183943282989466354521",
                "192108575824891427609433817722530469858",
                "6413376985837492149878608009366389190",
                "35815943247843364076385359851639162206",
                "123439773876058695008610047098402977316",
                "161686382595387852061273329649307725424",
                "52349830248926453678625798795136266642",
                "154438689577695076334591652158207116841"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2021-22550-d59b588a",
        "signature_type": "Line",
        "source": "https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c",
        "target": {
            "file": "asylo/platform/primitives/sgx/untrusted_cache_malloc.cc"
        },
        "deprecated": false,
        "signature_version": "v1"
    }
]