CVE-2021-24117

Name of the Vulnerable Software and Affected Versions: Apache Teaclave Rust SGX SDK version 1.1.3

Description: A side-channel vulnerability in base64 PEM file decoding allows system-level attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.

Recommendations: For Apache Teaclave Rust SGX SDK version 1.1.3, consider disabling the base64 PEM file decoding functionality until a patch is available to prevent potential exploitation. Restrict access to sensitive RSA keys to minimize the risk of information disclosure.