An issue was discovered in SKALE sgxwallet 1.58.3. The provided input for ECALL 14 triggers a branch in trustedEcdsaSign that frees a non-initialized pointer from the stack. An attacker can chain multiple enclave calls to prepare a stack that contains a valid address. This address is then freed, resulting in compromised integrity of the enclave. This was resolved after v1.58.3 and not reproducible in sgxwallet v1.77.0.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-09-27T13:22:28

Updated: 2024-08-04T00:54:51.117Z

Reserved: 2021-07-07T00:00:00

Link: CVE-2021-36219

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-09-27T14:15:08.537

Modified: 2024-11-21T06:13:20.200

Link: CVE-2021-36219

cve-icon Redhat

No data.