Uc Berkeley · Rise Opaque · CVE-2018-20742
Name of the Vulnerable Software and Affected Versions:
UC Berkeley RISE Opaque versions prior to 2018-12-01
Description:
An issue was discovered where there is no boundary check on `ocall malloc`, which could cause an arbitrary enclave memory write due to the return value being a pointer to enclave memory.
Recommendations:
For versions prior to 2018-12-01, update to a version released after 2018-12-01 to resolve the issue.