Описание
An issue was discovered in SCONE Confidential Computing Platform before 5.8.0 for Intel SGX. Lack of pointer-alignment logic in __scone_dispatch and other entry functions allows a local attacker to access unauthorized information, aka an "AEPIC Leak."
Ссылки
- Not ApplicableThird Party Advisory
- Technical Description
- Release Notes
- Release Notes
- Not ApplicableThird Party Advisory
- Not ApplicableThird Party Advisory
- Not ApplicableThird Party Advisory
- Not ApplicableThird Party Advisory
- Technical Description
- Release Notes
- Release Notes
- Not ApplicableThird Party Advisory
- Not ApplicableThird Party Advisory
- Not ApplicableThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.8.0 (исключая)
Одновременно
cpe:2.3:a:scontain:scone:*:*:*:*:*:*:*:*
cpe:2.3:a:intel:software_guard_extensions:-:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.0003
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.5
github
около 2 лет назад
An issue was discovered in SCONE Confidential Computing Platform before 5.8.0 for Intel SGX. Lack of pointer-alignment logic in __scone_dispatch and other entry functions allows a local attacker to access unauthorized information, aka an "AEPIC Leak."
EPSS
Процентиль: 8%
0.0003
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo