An issue was discovered in SKALE sgxwallet 1.58.3. The provided input for ECALL 14 triggers a branch in trustedEcdsaSign that frees a non-initialized pointer from the stack. An attacker can chain multiple enclave calls to prepare a stack that contains a valid address. This address is then freed, resulting in compromised integrity of the enclave. This was resolved after v1.58.3 and not reproducible in sgxwallet v1.77.0.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-09-27T13:22:28
Updated: 2024-08-04T00:54:51.117Z
Reserved: 2021-07-07T00:00:00
Link: CVE-2021-36219
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-09-27T14:15:08.537
Modified: 2024-11-21T06:13:20.200
Link: CVE-2021-36219
Redhat
No data.