Critical severity9.8NVD Advisory· Published Sep 27, 2021· Updated Jun 17, 2026
CVE-2021-36219
CVE-2021-36219
Description
An issue was discovered in SKALE sgxwallet 1.58.3. The provided input for ECALL 14 triggers a branch in trustedEcdsaSign that frees a non-initialized pointer from the stack. An attacker can chain multiple enclave calls to prepare a stack that contains a valid address. This address is then freed, resulting in compromised integrity of the enclave. This was resolved after v1.58.3 and not reproducible in sgxwallet v1.77.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SKALE/sgxwalletdescription
Patches
Vulnerability mechanics
References
2- github.com/skalenetwork/sgxwallet/commit/4e9b5b7526db083177e81f8bafeaa4914d276a82nvdPatchThird Party Advisory
- github.com/skalenetwork/sgxwallet/releasesnvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.