VYPR
Unrated severity · NVD Advisory · Published Jun 8, 2021 · Updated Sep 16, 2024

Enclave memory overwrite/overread vulnerability in Asylo UntrustedCacheMalloc::GetBuffer

CVE-2021-22550

Description

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It is recommended to update past 0.6.3 or git commit https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An attacker can overwrite arbitrary memory inside a secure enclave via pointer manipulation in Asylo's UntrustedCacheMalloc, fixed in 0.6.3.

Vulnerability

In Google Asylo before version 0.6.3, the UntrustedCacheMalloc::GetBuffer() function in asylo/platform/primitives/sgx/UntrustedCacheMalloc.cc does not validate the integrity of cached buffer pointers before returning them to the enclave. The code adds pointers to a buffer pool without checking whether they have been tampered with while outside the enclave. This allows an attacker who can control or modify enclave memory to swap or alter the pointers in the pool, leading to arbitrary memory writes inside the secure enclave. The vulnerability affects all versions prior to the fix commit a47ef55 [1].
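
The missing validation described above, modelled as an added example; it is not Asylo's code and does not reproduce the fix commit. It assumes the pool's entries are meant to point outside the enclave, and the names `EnclaveRange`, `BufferPool` and `RangeIsOutsideEnclave` and all address values are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Assumed enclave address range [base, base + size); the values are constructed.
struct EnclaveRange { std::uintptr_t base; std::size_t size; };

// True only if [addr, addr + len) lies wholly outside the enclave. Empty and
// address-wrapping ranges are rejected because they defeat a naive comparison.
bool RangeIsOutsideEnclave(const EnclaveRange& e, std::uintptr_t addr, std::size_t len) {
  if (len == 0 || addr > UINTPTR_MAX - len) return false;
  return addr + len <= e.base || addr >= e.base + e.size;
}

// Hypothetical pool of fixed-size buffers that are meant to live in untrusted memory.
class BufferPool {
 public:
  BufferPool(EnclaveRange e, std::size_t entry_size) : enclave_(e), entry_size_(entry_size) {}
  // Entries come from memory the host can write, so none can be trusted as stored.
  void Push(std::uintptr_t p) { pool_.push_back(p); }
  // Flawed pattern: returns the cached entry without looking at where it points.
  bool GetBufferUnchecked(std::uintptr_t* out) { return Pop(out); }
  // Hardened pattern: drop any entry whose range overlaps enclave memory.
  bool GetBufferChecked(std::uintptr_t* out) {
    std::uintptr_t p = 0;
    if (!Pop(&p) || !RangeIsOutsideEnclave(enclave_, p, entry_size_)) return false;
    *out = p;
    return true;
  }

 private:
  bool Pop(std::uintptr_t* out) {
    if (pool_.empty()) return false;
    *out = pool_.back();
    pool_.pop_back();
    return true;
  }
  EnclaveRange enclave_;
  std::size_t entry_size_;
  std::vector<std::uintptr_t> pool_;
};

int main() {
  BufferPool pool({0x100000, 0x10000}, 0x1000);  // constructed layout
  pool.Push(0x100800);                           // entry pointing into the enclave
  std::uintptr_t p = 0;
  return pool.GetBufferChecked(&p) ? 1 : 0;      // exits 0: the entry is refused
}
```

The range check covers the whole entry, not only its first byte, so an entry that begins just below the enclave and runs into it is refused as well.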

Exploitation

An attacker with the ability to modify enclave memory (for example, through a compromised untrusted runtime or shared memory region) can replace a legitimate buffer pointer in the buffer_pool_ with a pointer to an arbitrary memory location within the enclave. When the enclave next requests a buffer (via GetBuffer()), it will receive the attacker-controlled pointer and can then write data to that arbitrary address. No special user interaction or authentication is required beyond the existing capability to manipulate enclave memory [1].

Impact

Successful exploitation enables an attacker to overwrite arbitrary memory within the secure enclave. This can lead to disclosure of sensitive data, corruption of enclave state, or escalation of privileges within the enclave. The integrity and confidentiality of enclave operations are compromised [1].

Mitigation

The fix is included in Asylo version 0.6.3 and the git commit a47ef55 [1]. Users should update to version 0.6.3 or later. The affected repository has been archived and is read-only as of April 2026, so no further patches are expected. No workaround is provided. The CVE is not listed in CISA's Known Exploited Vulnerabilities catalog [1].

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Google/asylo (llm-fuzzy)
    Range: >0.6.3
  • Google LLC/Asylo (v5)
    Range: unspecified

References

1
