CVE-2018-20742
- Source
- https://cve.org/CVERecord?id=CVE-2018-20742
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20742.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-20742
- Published
- 2019-01-24T05:29:00.753Z
- Modified
- 2026-04-11T11:39:52.618099Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01. There is no boundary check on ocall_malloc. The return value could be a pointer to enclave memory. It could cause an arbitrary enclave memory write.
- References
Affected packages
Git / github.com/mc2-project/opaque-sql
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mc2-project/opaque-sql
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/mc2-project/opaque-sql
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20742.json"
vanir_signatures_modified
"2026-04-11T11:39:52Z"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2018-12-01"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2018-12-01"
}
]
}
]
vanir_signatures
[
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "284098243613786490480073843291487550912",
"length": 263.0
},
"id": "CVE-2018-20742-0fc42f69",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_find_range_bounds"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "148590096683225037690233649450281401323",
"length": 241.0
},
"id": "CVE-2018-20742-0fe98d01",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_scan_collect_last_primary"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "258647976247338392647254326997447144548",
"length": 292.0
},
"id": "CVE-2018-20742-292a174f",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_encrypt"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "148590096683225037690233649450281401323",
"length": 241.0
},
"id": "CVE-2018-20742-3be2eded",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_external_sort"
}
},
{
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"threshold": 0.9,
"line_hashes": [
"55711312421527039695562406978469720307",
"21621393102387289067723629547573991852",
"202097569512681946139620486538318165368",
"202149165311390819875114663319242875692"
]
},
"id": "CVE-2018-20742-3de02b2d",
"deprecated": false,
"target": {
"file": "src/enclave/App/App.cpp"
}
},
{
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"threshold": 0.9,
"line_hashes": [
"194877431531546983878193026775529421225",
"246854314775194106169711291768823374200",
"145474629349001699198101215428887733905",
"104599101138461500482133787409593074458",
"73269092137361018220922800634162714612",
"131116365652562216645642406653032273615",
"65447509443432863242472297391817209407",
"332934264925539236402636209123959817862",
"194352147068864472435360661136503525698",
"69014966731615672075079053651562743465",
"67586860657506507914773516824415206794",
"11420745578340849502529334073554449217",
"158215310319124162335234189211204875603",
"220186469292068021003600290236691355396",
"164681566618246568007482108211374436533",
"87560273953553739900639861244178463189",
"196886573295492174773698478537603724465",
"239968542378222237926991442511005616437",
"181463199851764839791956879131332584104",
"56523422453084096474349750797756935567",
"67400686971124254103857766765569263745",
"71555212650847088728593769731293791690",
"54312419519396677081192779328553858258",
"186326264451115466998692106658271719275",
"80063260715793016879272889342574753562",
"30373340204068476264285985242939591072",
"92040541773397539340241088811461611611",
"246464468487448588706404110217176957020",
"30962857044257155934771081501275997214",
"89999021561183845244028386751940771771",
"169845491957597415881039496984849855492",
"32293030903161644518105974351128679740",
"24695619577236341855307010162430957144",
"49388320778089283002926802368947877398",
"259649721895549032548133732088342899939",
"11192187541807720728229167850237691858",
"15640607102529161413059702726529905086",
"62518775786939887839283713491764533105",
"257057867752106356129623093080142773577",
"291232796897774586484143944634587148901",
"259973237907487889917004822833687905673",
"319649322457490747787591550159363952786",
"214228167817976068037263873637940270556",
"210871525763765835180440577944409033982",
"158451181229762143473476339158613731430",
"183860857234889299504900638267839447675",
"271452059899114397823404770075137699485"
]
},
"id": "CVE-2018-20742-592a8703",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "148590096683225037690233649450281401323",
"length": 241.0
},
"id": "CVE-2018-20742-6395812f",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_filter"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "151357186275419173194179980647324979867",
"length": 195.0
},
"id": "CVE-2018-20742-795824b0",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_sample"
}
},
{
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"threshold": 0.9,
"line_hashes": [
"213438396551518774278406408018166822293",
"90467301485542527403038680753120366710",
"214738449059838085852478202394692590413"
]
},
"id": "CVE-2018-20742-814352ed",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/util.h"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "33982082924825068010707928377303664040",
"length": 287.0
},
"id": "CVE-2018-20742-815da0de",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_non_oblivious_sort_merge_join"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "335430523003154927563894273453585721244",
"length": 341.0
},
"id": "CVE-2018-20742-98b72b75",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_non_oblivious_aggregate_step1"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "148590096683225037690233649450281401323",
"length": 241.0
},
"id": "CVE-2018-20742-9f3097e0",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_project"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "321665603671109523750470429897092431432",
"length": 309.0
},
"id": "CVE-2018-20742-a1885703",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_partition_for_sort"
}
},
{
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"function_hash": "152333212482146625997171553811634219997",
"length": 379.0
},
"id": "CVE-2018-20742-db1e9657",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/Enclave.cpp",
"function": "ecall_non_oblivious_aggregate_step2"
}
},
{
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/mc2-project/opaque-sql/commit/5ddda15d89f5ac82f4416208c5319ace4aecdc36",
"digest": {
"threshold": 0.9,
"line_hashes": [
"131697561080263015513897351380022598814",
"293496674432405387050565827515466698581",
"152711785744718018660751434729579866376",
"329016652675572042629550383195679397674",
"81491714334568359548244852891422280477",
"57684799677815426926303254046380625361",
"173736077583440788959661568183981909045"
]
},
"id": "CVE-2018-20742-e1aaee3c",
"deprecated": false,
"target": {
"file": "src/enclave/Enclave/util.cpp"
}
}
]