Confidential Information Disclosure vulnerability in Asylo
Description
A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'enc_untrusted_recvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of the third 'extents' is controlled by the outside world, and not verified on copy, allowing the attacker to force Asylo to copy trusted memory data into an untrusted buffer of significantly small length. We recommend updating Asylo to version 0.6.0 or later.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A buffer length validation vulnerability in Asylo's enc_untrusted_recvfrom allows an attacker to read sensitive data by copying trusted memory into an undersized untrusted buffer.
Vulnerability
A buffer length validation vulnerability exists in Asylo versions prior to 0.6.0. The enc_untrusted_recvfrom function in asylo/platform/host_call/trusted deserializes a return value via MessageReader and copies it into three extents. The length of the third extent is controlled by the outside world and is not verified during the copy operation. This allows an attacker to supply a small actual data size but a large buffer length (len), causing memcpy to read beyond the received data buffer into adjacent trusted memory [1].
Exploitation
An attacker who can control the length field in a message sent to the enclave (e.g., from the untrusted host or over the network) can trigger the vulnerability. By providing a small actual data size for the third extent while specifying a large len parameter, the memcpy call copies len bytes from the received data buffer, which includes data beyond the actual received data, thus leaking trusted memory contents [1]. No authentication or user interaction is required beyond the ability to send messages to the enclave.
Impact
Successful exploitation allows an attacker to read trusted memory data that should not be accessible, resulting in information disclosure. The attacker gains access to sensitive data within the Asylo enclave's trusted memory, compromising confidentiality [1].
Mitigation
The vulnerability is fixed in Asylo version 0.6.0. The fix is implemented in commit 299f804acbb95a612ab7c504d25ab908aa59ae93, which changes memcpy(buf, buffer_received.data(), len) to memcpy(buf, buffer_received.data(), std::min(len, buffer_received.size())) [1]. Users should update to Asylo 0.6.0 or later. No workarounds are documented.
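The difference between the two memcpy calls quoted above, as an added example that is not Asylo's code: the Extent struct, the function names and the sample bytes are constructed for illustration, and the received payload and the sensitive bytes are placed in one array so the over-read stays well-defined.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <iostream>
#include <string>

// Hypothetical stand-in for a deserialized extent: a (pointer, size) view.
struct Extent {
  const char *ptr;
  size_t len;
  const char *data() const { return ptr; }
  size_t size() const { return len; }
};

// Constructed sample: one trusted allocation holding a 4-byte received
// payload followed by unrelated sensitive bytes.
static const char kTrusted[] = "PINGsecret-key-material";
static const size_t kPayloadSize = 4;

// Pre-0.6.0 pattern from the page: copies len bytes regardless of extent size.
size_t CopyUnchecked(char *buf, const Extent &buffer_received, size_t len) {
  std::memcpy(buf, buffer_received.data(), len);
  return len;
}

// Pattern after the fix quoted on the page: copy is bounded by the extent.
size_t CopyClamped(char *buf, const Extent &buffer_received, size_t len) {
  size_t n = std::min(len, buffer_received.size());
  std::memcpy(buf, buffer_received.data(), n);
  return n;
}

// Runs one copy and returns the bytes that landed in the destination buffer.
std::string Simulate(bool clamped, size_t len) {
  // Demo guard: keep the unchecked read inside kTrusted so behaviour is defined.
  len = std::min(len, sizeof(kTrusted) - 1);
  Extent received{kTrusted, kPayloadSize};
  char buf[sizeof(kTrusted)] = {0};
  size_t n = clamped ? CopyClamped(buf, received, len)
                     : CopyUnchecked(buf, received, len);
  return std::string(buf, n);
}

int main() {
  std::cout << "unchecked: " << Simulate(false, 23) << "\n";
  std::cout << "clamped:   " << Simulate(true, 23) << "\n";
}
```

With a requested len of 23 against a 4-byte extent, the unchecked copy returns the payload plus the adjacent bytes, while the clamped copy returns only the payload.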
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Google LLC/Asylo v5 Range: stable
Patches
No patches discovered yet.
References
[1] github.com/google/asylo/commit/299f804acbb95a612ab7c504d25ab908aa59ae93 (mitre, x_refsource_CONFIRM)