Known Vulnerabilities for Asylo by Google
Listed below are 10 of the newest known vulnerabilities associated with "Asylo" by "Google".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-22552 | An untrusted memory read vulnerability in Asylo versions up to 0.6.1 allows an untrusted attacker to pass a syscall number in... | 5.5 - MEDIUM | 2021-08-02 | 2021-08-10 |
| CVE-2021-22550 | An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It i... | 7.8 - HIGH | 2021-06-08 | 2021-06-22 |
| CVE-2021-22549 | An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. It is recommended to upd... | 7.8 - HIGH | 2021-06-08 | 2022-10-25 |
| CVE-2021-22548 | An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory ... | 7.8 - HIGH | 2021-06-08 | 2021-06-17 |
| CVE-2020-8938 | An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to FromkLinu... | 3.3 - LOW | 2020-12-15 | 2020-12-17 |
| CVE-2020-8937 | An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untru... | 3.3 - LOW | 2020-12-15 | 2020-12-17 |
| CVE-2020-8936 | An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to Untrusted... | 5.5 - MEDIUM | 2020-12-15 | 2020-12-18 |
| CVE-2020-8935 | An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecall_restore function... | 7.8 - HIGH | 2020-12-15 | 2021-07-21 |
| CVE-2020-8905 | A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not hav... | 6.5 - MEDIUM | 2020-08-12 | 2020-08-13 |
| CVE-2020-8904 | An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. As the ecall_re... | 9.6 - CRITICAL | 2020-08-12 | 2020-08-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Asylo | 0.6.0 | All | All | All | |
| Application | Asylo | 0.5.3 | All | All | All | |
| Application | Asylo | 0.5.2 | All | All | All | |
| Application | Asylo | 0.5.1 | All | All | All | |
| Application | Asylo | 0.5.0 | All | All | All | |
| Application | Asylo | 0.4.1 | All | All | All | |
| Application | Asylo | 0.4.0 | All | All | All | |
| Application | Asylo | 0.3.4.2 | All | All | All | |
| Application | Asylo | 0.3.4.1 | All | All | All | |
| Application | Asylo | 0.3.4 | All | All | All | |
| Application | Asylo | 0.3.3 | All | All | All | |
| Application | Asylo | 0.3.2 | All | All | All | |
| Application | Asylo | 0.3.1 | All | All | All | |
| Application | Asylo | 0.3.0 | All | All | All | |
| Application | Asylo | 0.2.2 | All | All | All | |
| Application | Asylo | 0.2.1 | All | All | All | |
| Application | Asylo | 0.2.0 | All | All | All | |
| Application | Asylo | - | All | All | All |