CVE-2021-22552

{"id": "CVE-2021-22552", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "cve-coordination@google.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.2, "exploitabilityScore": 1.0}]}, "published": "2021-08-02T16:15:07.817", "references": [{"url": "https://github.com/google/asylo/commit/90d7619e9dd99bcdb6cd28c7649d741d254d9a1a", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "cve-coordination@google.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}, {"type": "Secondary", "source": "cve-coordination@google.com", "description": [{"lang": "en", "value": "CWE-126"}]}], "descriptions": [{"lang": "en", "value": "An untrusted memory read vulnerability in Asylo versions up to 0.6.1 allows an untrusted attacker to pass a syscall number in MessageReader that is then used by sysno() and can bypass validation. This can allow the attacker to read memory from within the secure enclave. We recommend updating to Asylo 0.6.3 or past https://github.com/google/asylo/commit/90d7619e9dd99bcdb6cd28c7649d741d254d9a1a"}, {"lang": "es", "value": "Una vulnerabilidad de lectura de memoria no confiable en Asylo versiones hasta 0.6.1, permite a un atacante no confiable pasar un n\u00famero de syscall en MessageReader que luego es usado por la funci\u00f3n sysno() y puede omitir una comprobaci\u00f3n. Esto puede permitir al atacante leer la memoria desde el enclave seguro. Recomendamos actualizar a Asylo versi\u00f3n 0.6.3 o a versi\u00f3n anterior https://github.com/google/asylo/commit/90d7619e9dd99bcdb6cd28c7649d741d254d9a1a"}], "lastModified": "2021-08-10T19:51:18.330", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:google:asylo:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3DBB15C-13B3-4E86-837A-C297F290AED4", "versionEndIncluding": "0.6.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve-coordination@google.com"}