CVE-2020-15107
Last modified
CVE-2020-15107 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface (ABI) for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an enclave. EPSS estimates a 0.33% chance of exploitation in the next 30 days.
Description
In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binary Interface (ABI) for such operations, a host app can compromise the execution integrity of some x87 FPU operations in an enclave. Depending on the FPU control configuration of the enclave app and whether the operations are used in secret-dependent execution paths, this vulnerability may also be used to mount a side-channel attack on the enclave. This has been fixed in 0.10.0 and the current master branch. Users will need to recompile their applications against the patched libraries to be protected from this vulnerability.
Metrics
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Openenclave | Openenclave | < 0.10.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-15107?
How severe is CVE-2020-15107?
How do I fix CVE-2020-15107?
Are you affected by CVE-2020-15107?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST