PT-2020-18481 · Baidu · Baidu Rust Sgx Sdk

Published

2020-01-04

Updated

2020-01-15

CVE-2020-5499

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Baidu Rust SGX SDK versions 1.0.0 through 1.0.8

Description The issue concerns non-deterministic results where two global IDs may sometimes be the same due to an enclave ID race.

Recommendations For versions 1.0.0 through 1.0.8, consider updating to a version that addresses the enclave ID race issue to prevent non-deterministic results.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-5499

Affected Products

Baidu Rust Sgx Sdk

PT-2020-18481 · Baidu · Baidu Rust Sgx Sdk

CVE-2020-5499

Related Identifiers

Affected Products

References · 3