Asylo — Vulnerabilities & Security Advisories 16

All 16 CVE vulnerabilities found in Asylo, with AI-generated Chinese analysis, references, and POCs.

Vendor: Google LLC

CVE ID	Title	CVSS	Severity	Published
CVE-2021-22552	Memory overread secure enclave in Asylo 0.6.2 CWE-126	5.3	Medium	2021-08-02
CVE-2021-22550	Enclave memory overwrite/overread vulnerability in Asylo UntrustedCacheMalloc::GetBuffer CWE-823	6.5	Medium	2021-06-08
CVE-2021-22549	Arbitrary enclave memory overwrite vulnerability in Asylo TrustedPrimitives::UntrustedCall CWE-823	6.5	Medium	2021-06-08
CVE-2021-22548	Arbitrary enclave memory overread vulnerability in Asylo TrustedPrimitives::UntrustedCall CWE-788	6.5	Medium	2021-06-08
CVE-2020-8944	Unchecked buffer overrun in ecall_restore CWE-120	5.3	Medium	2020-12-15
CVE-2020-8942	Unchecked buffer overrun in enc_untrusted_read CWE-120	5.3	Medium	2020-12-15
CVE-2020-8943	Unchecked buffer overrun in enc_untrusted_recvfrom CWE-120	5.3	Medium	2020-12-15
CVE-2020-8941	Unchecked buffer overrun in enc_untrusted_inet_pton CWE-120	5.3	Medium	2020-12-15
CVE-2020-8940	Unchecked buffer overrun in enc_untrusted_recvmsg CWE-120	5.3	Medium	2020-12-15
CVE-2020-8938	Arbitrary enclave memory location write from untrusted environment	5.3	Medium	2020-12-15
CVE-2020-8939	Out of Bounds read in Asylo CWE-125	5.3	Medium	2020-12-15
CVE-2020-8937	Arbitrary enclave memory location write from untrusted environment CWE-120	5.3	Medium	2020-12-15
CVE-2020-8936	Arbitrary enclave memory overwrite vulnerability in ECall ecall_restore CWE-125	5.3	Medium	2020-12-15
CVE-2020-8935	Google Asylo 缓冲区错误漏洞	5.3	Medium	2020-12-15
CVE-2020-8904	Arbitrary trusted memory overwrite vulnerability in Asylo CWE-823	6.4	Medium	2020-08-12
CVE-2020-8905	Confidential Information Disclosure vulnerability in Asylo CWE-120	2.8	Low	2020-08-12

All 16 known CVE vulnerabilities affecting Asylo with full Chinese analysis, references, and POCs where available.