A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information.
References
Link | Resource |
---|---|
https://jovanbulck.github.io/files/ccs19-tale.pdf | Exploit Technical Description Third Party Advisory |
https://jovanbulck.github.io/files/oakland24-pandora.pdf | Exploit Technical Description Third Party Advisory |
https://sconedocs.github.io/release5.7/ | Release Notes |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-30T00:00:00
Updated: 2023-12-30T02:31:38.603244
Reserved: 2022-12-05T00:00:00
Link: CVE-2022-46486
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-30T03:15:08.173
Modified: 2024-01-08T14:20:14.670
Link: CVE-2022-46486
JSON object: View
Redhat Information
No data.
CWE