Vulnerability Description
A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'enc_untrusted_recvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of the third 'extents' is controlled by the outside world, and not verified on copy, allowing the attacker to force Asylo to copy trusted memory data into an untrusted buffer of significantly small length.. We recommend updating Asylo to version 0.6.0 or later.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Asylo | < 0.6.0 |
Related Weaknesses (CWE)
References
- https://github.com/google/asylo/commit/299f804acbb95a612ab7c504d25ab908aa59ae93PatchThird Party Advisory
- https://github.com/google/asylo/commit/299f804acbb95a612ab7c504d25ab908aa59ae93PatchThird Party Advisory
FAQ
What is CVE-2020-8905?
CVE-2020-8905 is a vulnerability with a CVSS score of 2.8 (LOW). A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'enc_untrusted_recvfrom' function generates a return value...
How severe is CVE-2020-8905?
CVE-2020-8905 has been rated LOW with a CVSS base score of 2.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-8905?
Check the references section above for vendor advisories and patch information. Affected products include: Google Asylo.