Null Pointer Dereference Vulnerability in Nitro Enclaves Kernel Driver

Null Pointer Dereference Vulnerability in Nitro Enclaves Kernel Driver

CVE-2021-3543 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.

Learn more about our User Device Pen Test.