This is an automated email from the ASF dual-hosted git repository. mssun pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-website.git
commit d3cad61ecd8cacbf954b6cc20c0563476466faed Author: Mingshen Sun <[email protected]> AuthorDate: Wed Dec 1 21:48:18 2021 -0800 Add teaclave meetup 9 minutes --- site/blog/2021-11-30-teaclave-meetup-9.md | 73 +++++++++++++++++++----------- site/blog/img/teaclave-meetup-9-zoom.png | Bin 0 -> 1887464 bytes 2 files changed, 47 insertions(+), 26 deletions(-) diff --git a/site/blog/2021-11-30-teaclave-meetup-9.md b/site/blog/2021-11-30-teaclave-meetup-9.md index 7101663..f26d39d 100644 --- a/site/blog/2021-11-30-teaclave-meetup-9.md +++ b/site/blog/2021-11-30-teaclave-meetup-9.md @@ -1,31 +1,52 @@ --- -title: "[Scheduled] Teaclave Meetup #9" +title: "Teaclave Meetup #9" date: 2021-11-30 author: Mingshen Sun --- -We are going to have the 9th monthly Teaclave (virtual) meetup. Since -November 25 is around Thanksgiving, I suggest putting it after -Thanksgiving on Nov 30th, 2021 PT: - -- 19:00-20:00 on Tuesday, Nov 30, 2021 (PT) - -You can find the corresponding date time in your time zone here: -<https://time.is/compare/1900_30_November_2021_in_PT> - -We are glad to have Jinhua Cui and Zhijingcheng Yu from National -University of Singapore joining our meetup to talk about their recent -study about the re-entrancy vulnerability in the exception handling -designs of some popular SGX SDKs and the SmashEx attack. [1, 2] - -I also create a Google Calendar for the recurring events. Please -subscribe if you're interested. - -Apache Teaclave (incubating) Community Calendar: -<https://calendar.google.com/calendar/u/0/[email protected]> - -At last, same as the previous meetup, please RSVP for the Zoom link -(or find it in the shared calendar). Thanks! - -[1] <https://jasonyu1996.github.io/SmashEx/> -[2] <https://teaclave.apache.org/blog/2021-10-25-security-advisory-of-smashex-and-cve-2021-0186/> +## Agenda + +- SmashEx: Smashing SGX Enclaves Using Exceptions — Jinhua Cui + +## Notes + +- *SmashEx: Smashing SGX Enclaves Using Exceptions* (CCS 2021): + Jinhua Cui (National University of Defense Technology, National University of + Singapore); Zhijingcheng Yu (National University of Singapore); Shweta Shinde + (ETH Zurich); Prateek Saxena (National University of Singapore); Zhiping Cai + (National University of Defense Technology) +- [https://arxiv.org/ftp/arxiv/papers/2110/2110.06657.pdf](https://arxiv.org/ftp/arxiv/papers/2110/2110.06657.pdf) +- CVE-2021-0186 + - [https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00548.html](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00548.html) + - **Description**: Improper input validation in the Intel(R) SGX SDK + applications compiled for SGX2 enabled processors may allow a privileged + user to potentially escalation of privilege via local access. + - **Affected Products**: Intel SGX SDK for Windows v2.12 and earlier, Intel + SGX SDK for Linux v2.13 and earlier, Intel® Processors supporting SGX2. + - Intel recommends updating the Intel® SGX SDK to the versions listed below. + Enclaves built with the new Intel® SGX SDK version should increment the + value of their ISVSVN field. +- Patch: [https://github.com/intel/linux-sgx/commit/edfe42a517b3e4b1d81204c3cdef6da6cb35fefc](https://github.com/intel/linux-sgx/commit/edfe42a517b3e4b1d81204c3cdef6da6cb35fefc) +- [Security Advisory from the Teaclave Community](https://teaclave.apache.org/blog/2021-10-25-security-advisory-of-smashex-and-cve-2021-0186/) + +## Attendees + +- Jinghua +- Ran Duan +- Rong Fan +- Gordon +- He Sun +- Hongbo Chen +- Jason Yu +- Pei Wang +- ruanwenwen +- Rundong +- Tongxin Li +- Weijie Liu +- Yuan Zhuang +- Zha0Chan +- Mingshen Sun + +## Group Photo + + diff --git a/site/blog/img/teaclave-meetup-9-zoom.png b/site/blog/img/teaclave-meetup-9-zoom.png new file mode 100644 index 0000000..c4ea272 Binary files /dev/null and b/site/blog/img/teaclave-meetup-9-zoom.png differ --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
