mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-07 05:28:59 +00:00
36 lines
1.4 KiB
JSON
36 lines
1.4 KiB
JSON
{
|
|
"id": "CVE-2023-38021",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2023-12-30T03:15:08.303",
|
|
"lastModified": "2024-01-01T02:12:45.130",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager (CCM) Platform before 3.32 for Intel SGX. Lack of pointer-alignment validation logic in entry functions allows a local attacker to access unauthorized information. This relates to the enclave_ecall function and system call layer."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/openenclave/openenclave/security/advisories/GHSA-v3vm-9h66-wm76",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://jovanbulck.github.io/files/oakland24-pandora.pdf",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/stale-data-read-from-xapic.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html#inpage-nav-3-2-2",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |