CVE-2021-22548 - OpenCVE

An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Google	Asylo

Configuration 1 [-]

cpe:2.3:a:google:asylo:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c	Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Google

Published: 2021-03-29T00:00:00

Updated: 2021-06-08T13:15:13

Reserved: 2021-01-05T00:00:00

Link: CVE-2021-22548

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-06-08T14:15:07.600

Modified: 2021-06-17T16:09:52.610

Link: CVE-2021-22548

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Asylo", "vendor": "Google LLC", "versions": [{"lessThanOrEqual": "0.6.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Qinkun Bao (Baidu Security)"}, {"lang": "en", "value": "Zhaofeng Chen (Baidu Security)"}, {"lang": "en", "value": "Mingshen Sun (Baidu Security)"}, {"lang": "en", "value": "Kang Li (Baidu Security)"}], "datePublic": "2021-03-29T00:00:00", "descriptions": [{"lang": "en", "value": "An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-788", "description": "CWE-788 Access of Memory Location After End of Buffer", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-08T13:15:13", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c"}], "source": {"discovery": "EXTERNAL"}, "title": "Arbitrary enclave memory overread vulnerability in Asylo TrustedPrimitives::UntrustedCall", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "DATE_PUBLIC": "2021-03-29T10:00:00.000Z", "ID": "CVE-2021-22548", "STATE": "PUBLIC", "TITLE": "Arbitrary enclave memory overread vulnerability in Asylo TrustedPrimitives::UntrustedCall"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Asylo", "version": {"version_data": [{"version_affected": "<=", "version_value": "0.6.2"}]}}]}, "vendor_name": "Google LLC"}]}}, "credit": [{"lang": "eng", "value": "Qinkun Bao (Baidu Security)"}, {"lang": "eng", "value": "Zhaofeng Chen (Baidu Security)"}, {"lang": "eng", "value": "Mingshen Sun (Baidu Security)"}, {"lang": "eng", "value": "Kang Li (Baidu Security)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c"}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-788 Access of Memory Location After End of Buffer"}]}]}, "references": {"reference_data": [{"name": "https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c", "refsource": "MISC", "url": "https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2021-22548", "datePublished": "2021-03-29T00:00:00", "dateReserved": "2021-01-05T00:00:00", "dateUpdated": "2021-06-08T13:15:13", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:asylo:*:*:*:*:*:*:*:*", "matchCriteriaId": "2615C1EA-2906-4CF3-ADD5-D4719F441060", "versionEndExcluding": "0.6.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c"}, {"lang": "es", "value": "Un atacante puede modificar el puntero para una memoria no confiable para que apunte a la regi\u00f3n de memoria confiable, lo que causa que se copie la memoria confiable a la memoria confiable, si esta \u00faltima es copiada posteriormente, permite la lectura de regiones de memoria de la regi\u00f3n confiable. Se recomienda actualizar a partir de la versi\u00f3n 0.6.2 o el commit de git https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c"}], "id": "CVE-2021-22548", "lastModified": "2021-06-17T16:09:52.610", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.5, "source": "cve-coordination@google.com", "type": "Secondary"}]}, "published": "2021-06-08T14:15:07.600", "references": [{"source": "cve-coordination@google.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c"}], "sourceIdentifier": "cve-coordination@google.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-788"}], "source": "cve-coordination@google.com", "type": "Secondary"}]}