Vulnerabilities > Google > Asylo > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-02 | CVE-2021-22552 | Out-of-bounds Read vulnerability in Google Asylo An untrusted memory read vulnerability in Asylo versions up to 0.6.1 allows an untrusted attacker to pass a syscall number in MessageReader that is then used by sysno() and can bypass validation. | 2.1 |
| 2020-12-15 | CVE-2020-8936 | Out-of-bounds Read vulnerability in Google Asylo An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to UntrustedCall. | 2.1 |
| 2020-12-15 | CVE-2020-8937 | Out-of-bounds Write vulnerability in Google Asylo An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on UntrustedLocalMemcpy, which fails to validate where the pointer is located. | 2.1 |
| 2020-12-15 | CVE-2020-8938 | Out-of-bounds Write vulnerability in Google Asylo An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to FromkLinuxSockAddr with attacker controlled content and size of klinux_addr which allows an attacker to write memory values from within the enclave. | 2.1 |
| 2020-12-15 | CVE-2020-8939 | Out-of-bounds Read vulnerability in Google Asylo An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. | 2.1 |
| 2020-12-15 | CVE-2020-8940 | Out-of-bounds Read vulnerability in Google Asylo An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_recvmsg using an attacker controlled result parameter. | 2.1 |
| 2020-12-15 | CVE-2020-8941 | Out-of-bounds Read vulnerability in Google Asylo An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_inet_pton using an attacker controlled klinux_addr_buffer parameter. | 2.1 |
| 2020-12-15 | CVE-2020-8942 | Out-of-bounds Read vulnerability in Google Asylo An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_read whose return size was not validated against the requrested size. | 2.1 |
| 2020-12-15 | CVE-2020-8943 | Out-of-bounds Read vulnerability in Google Asylo An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_recvfrom whose return size was not validated against the requested size. | 2.1 |
| 2020-12-15 | CVE-2020-8944 | Out-of-bounds Write vulnerability in Google Asylo An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to ecall_restore using the attribute output which fails to check the range of a pointer. | 2.1 |