An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecall_restore function call to reallocate untrusted code and overwrite sections of the Enclave memory address. We recommend updating your library.
{
"cpe": "cpe:2.3:a:google:asylo:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "0.6.0"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}[
{
"source": "https://github.com/google/asylo/commit/ed0926bff0e423cd122a18b3d2fc772817f66825",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"line_hashes": [
"330936869301037059737793362845294373946",
"154509550783807851087753276324588402993",
"112634774847455835941553074213750942069",
"42612531078368980209211864332224132916"
],
"threshold": 0.9
},
"deprecated": false,
"id": "CVE-2020-8935-bc57d05a",
"target": {
"file": "asylo/platform/host_call/trusted/host_calls.cc"
}
},
{
"source": "https://github.com/google/asylo/commit/ed0926bff0e423cd122a18b3d2fc772817f66825",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"function_hash": "232489973061455759931858895176426134338",
"length": 528.0
},
"deprecated": false,
"id": "CVE-2020-8935-cd60b6c4",
"target": {
"function": "enc_untrusted_realloc",
"file": "asylo/platform/host_call/trusted/host_calls.cc"
}
}
]
"2026-07-08T20:29:53Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8935.json"