Medium severity5.3NVD Advisory· Published Dec 15, 2020· Updated Jun 17, 2026
CVE-2020-8936
CVE-2020-8936
Description
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to UntrustedCall. UntrustedCall failed to validate the buffer range within sgx_params and allowed the host to return a pointer that was an address within the enclave memory. This allowed an attacker to read memory values from within the enclave.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Google LLC/Asylov5Range: 0.6.0
Patches
Vulnerability mechanics
References
1- github.com/google/asylo/commit/83036fd841d33baa7e039f842d131aa7881fdcc2nvdPatchThird Party Advisory
News mentions
0No linked articles in our index yet.