{"id":"CVE-2021-22550","details":"An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It is recommended to update past 0.6.3 or git commit https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c","modified":"2026-04-11T23:34:04.870402Z","published":"2021-06-08T14:15:07.873Z","references":[{"type":"FIX","url":"https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/google/asylo","events":[{"introduced":"0"},{"fixed":"49ea8b3ec7a31280bbbc2864375b1d19506d6d54"},{"fixed":"a47ef55db2337d29de19c50cd29b0deb2871d31c"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.6.3"}]}}],"versions":["buildenv-v0.2.0","buildenv-v0.2.1","buildenv-v0.2.2","buildenv-v0.3.0","buildenv-v0.3.1","buildenv-v0.3.2","buildenv-v0.3.3","buildenv-v0.3.4","buildenv-v0.4.0","buildenv-v0.4.1","buildenv-v0.5.0","buildenv-v0.5.1","buildenv-v0.5.2","buildenv-v0.5.3","buildenv-v0.6.0","buildenv-v0.6.1","buildenv-v0.6.2","v0.2.0","v0.2.1","v0.2.2","v0.3.0","v0.3.1","v0.3.2","v0.3.3","v0.3.4","v0.3.4.1","v0.4.0","v0.4.1","v0.5.0","v0.5.1","v0.5.2","v0.5.3","v0.6.0","v0.6.1","v0.6.2"],"database_specific":{"vanir_signatures":[{"deprecated":false,"target":{"file":"asylo/util/statusor.h"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/google/asylo/commit/49ea8b3ec7a31280bbbc2864375b1d19506d6d54","digest":{"threshold":0.9,"line_hashes":["310405700852713691086764955692402379754","310065802095698027011047663183738269079","312289376163248216740647805151489310225","81556857726243288039718610769457725544","9938663545252293452405198839581423710"]},"id":"CVE-2021-22550-24913b25"},{"deprecated":false,"target":{"file":"asylo/platform/primitives/sgx/untrusted_cache_malloc.cc","function":"UntrustedCacheMalloc::GetBuffer"},"signature_type":"Function","signature_version":"v1","source":"https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c","digest":{"length":608,"function_hash":"324340882865174162518142847362939396353"},"id":"CVE-2021-22550-a190eb25"},{"deprecated":false,"target":{"file":"asylo/platform/primitives/sgx/untrusted_cache_malloc.cc"},"signature_type":"Line","signature_version":"v1","source":"https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c","digest":{"threshold":0.9,"line_hashes":["302266554857286136183943282989466354521","192108575824891427609433817722530469858","6413376985837492149878608009366389190","35815943247843364076385359851639162206","123439773876058695008610047098402977316","161686382595387852061273329649307725424","52349830248926453678625798795136266642","154438689577695076334591652158207116841"]},"id":"CVE-2021-22550-d59b588a"}],"vanir_signatures_modified":"2026-04-11T23:34:04Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22550.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}