VYPR
Unrated severity · NVD Advisory · Published Dec 15, 2020 · Updated Aug 4, 2024

Unchecked buffer overrun in ecall_restore

CVE-2020-8944

Description

An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to ecall_restore using the attribute output, which fails to check the range of a pointer. An attacker can use this pointer to write to arbitrary memory addresses, including those within the secure enclave. We recommend upgrading past commit 382da2b8b09cbf928668a2445efb778f76bd9c8a.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Arbitrary memory write in Asylo up to 0.6.0 allows untrusted attacker to write to arbitrary memory via ecall_restore.

Vulnerability

An arbitrary memory write vulnerability exists in Google's Asylo framework up to version 0.6.0. The ecall_restore function fails to validate that the output pointer resides outside the enclave memory, allowing an untrusted attacker to provide a pointer to arbitrary memory locations. This is a missing bounds check for the output parameter[1].

Exploitation

An attacker with the ability to make ecalls to the enclave can craft a call to ecall_restore with a manipulated output pointer pointing to arbitrary memory, including addresses within the secure enclave. The lack of a range check enables the attacker to write data to that location via the function's output operation[1].

Impact

Successful exploitation allows the attacker to perform an arbitrary memory write within the enclave's address space. This can lead to disclosure of sensitive information, corruption of enclave data, and potentially arbitrary code execution within the trusted execution environment, compromising both confidentiality and integrity[1].

Mitigation

The issue is fixed in commit 382da2b8b09cbf928668a2445efb778f76bd9c8a, which adds a check to ensure the output pointer is outside the enclave. Users should upgrade to a version containing this commit or apply the patch manually[1].
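
The class of check the mitigation describes, shown as an added C example; it is not Asylo's code or the contents of the fix commit. The function names are hypothetical, and two static arrays are a constructed model of enclave and untrusted memory.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model: enclave_mem stands in for the protected enclave range,
 * host_mem for untrusted memory the caller legitimately owns. */
static uint8_t enclave_mem[4096];
static uint8_t host_mem[4096];

/* Return 1 only if [p, p + len) lies entirely outside the enclave range. */
int is_outside_enclave(const void *p, size_t len) {
    uintptr_t start = (uintptr_t)p;
    uintptr_t base = (uintptr_t)enclave_mem;
    uintptr_t limit = base + sizeof enclave_mem;

    if (p == NULL) return 0;
    if (len > UINTPTR_MAX - start) return 0;  /* start + len would wrap */
    return (start + len <= base) || (start >= limit);
}

/* Hypothetical entry point: writes a result through a caller-supplied
 * output pointer, as an ecall returning data to the host would. */
int restore_hardened(const uint8_t *result, size_t n, void *out, size_t out_len) {
    if (n > out_len) return -1;                        /* result must fit */
    if (!is_outside_enclave(out, out_len)) return -2;  /* reject in-enclave target */
    memcpy(out, result, n);
    return 0;
}

/* The unchecked form, for contrast: trusts `out` and writes wherever it points. */
int restore_unchecked(const uint8_t *result, size_t n, void *out) {
    memcpy(out, result, n);
    return 0;
}

int main(void) {
    const uint8_t msg[4] = {1, 2, 3, 4};
    int ok = restore_hardened(msg, sizeof msg, host_mem, sizeof host_mem);
    int bad = restore_hardened(msg, sizeof msg, enclave_mem + 64, 16);
    return (ok == 0 && bad == -2) ? 0 : 1;
}
```

The check covers the whole written range, not only its first byte, and treats address wrap-around as a failure, so a range that straddles the enclave boundary is rejected as well.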

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Google/asylo · llm-fuzzy
    Range: <=0.6.0
  • Google LLC/Asylo · v5
    Range: unspecified


References

1
