← back
CVE-2023-38022

CVE-2023-38022

EPSS 0.2%
An issue was discovered in Fortanix EnclaveOS Confidential Computing Manager (CCM) Platform before 3.29 for Intel SGX. Insufficient pointer validation allows a local attacker to access unauthorized information. This relates to strlen and sgx_is_within_user.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jovanbulck.github.io/files/ccs19-tale.pdfhttps://jovanbulck.github.io/files/oakland24-pandora.pdf