CVE-2020-8939

Published December 15th, 2020

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

2.1

LOW

Affected

PROJECT

Description

An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. We recommend upgrading past commit 6ff3b77ffe110a33a2f93848a6333f33616f02c4

google/asylo

An open and flexible framework for developing enclave applications

GitHub

979