Impact
An information disclosure vulnerability exists when an enclave application is loaded by a malicious host application. An attacker who successfully exploited the vulnerability could read privileged data from the enclave heap across trust boundaries.
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information otherwise considered confidential in an enclave , which could be used in further compromises.
Patches
The issue has been addressed in version 0.7.0 and the current master branch. Users will need to to recompile their applications against the patched libraries to be protected from this vulnerability.
Workarounds
No workarounds have been identified for this vulnerability.
Acknowledgements
David Oswald (The University of Birmingham, UK)
Eduard Marin (The University of Birmingham, UK)
Flavio Garcia (The University of Birmingham, UK)
Abdulla Aldoseri (The University of Birmingham, UK)
Jo van Bulck (imec-DistriNet, KU Leuven)
Frank Piessens (imec-DistriNet, KU Leuven)
For more information
If you have any questions or comments about this advisory:
Impact
An information disclosure vulnerability exists when an enclave application is loaded by a malicious host application. An attacker who successfully exploited the vulnerability could read privileged data from the enclave heap across trust boundaries.
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information otherwise considered confidential in an enclave , which could be used in further compromises.
Patches
The issue has been addressed in version 0.7.0 and the current master branch. Users will need to to recompile their applications against the patched libraries to be protected from this vulnerability.
Workarounds
No workarounds have been identified for this vulnerability.
Acknowledgements
David Oswald (The University of Birmingham, UK)
Eduard Marin (The University of Birmingham, UK)
Flavio Garcia (The University of Birmingham, UK)
Abdulla Aldoseri (The University of Birmingham, UK)
Jo van Bulck (imec-DistriNet, KU Leuven)
Frank Piessens (imec-DistriNet, KU Leuven)
For more information
If you have any questions or comments about this advisory:
questionlabel.