Skip to main content

Tensorflow CVE-2020-15199

MEDIUM
Improper Input Validation (CWE-20)
2020-09-25 security-advisories@github.com
5.9
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.9 MEDIUM
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 25, 2020 - 19:15 nvd
MEDIUM 5.9

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 64 pypi packages depend on tensorflow (62 direct, 2 indirect)
  • 1 pypi packages depend on tensorflow-gpu (1 direct, 0 indirect)

Ecosystem-wide dependent count for version 2.3.0 and other introduced versions.

DescriptionNVD

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure. Since BatchedMap is equivalent to a vector, it needs to have at least one element to not be nullptr. If user passes a splits tensor that is empty or has exactly one element, we get a SIGABRT signal raised by the operating system. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

AnalysisAI

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Technical ContextAI

This vulnerability is classified under CWE-20. In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure. Since BatchedMap is equivalent to a vector, it needs to have at least one element to not be nullptr. If user passes a splits tensor that is empty or has exactly one element, we get a SIGABRT signal raised by the operating system. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1. Affected products include: Google Tensorflow. Version information: version 2.3.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2020-15196 CRITICAL POC
9.9 Sep 25

In Tensorflow version 2.3.0, the `SparseCountSparseOutput` and `RaggedCountSparseOutput` implementations don't validate

CVE-2023-25668 CRITICAL POC
9.8 Mar 25

TensorFlow is an open source platform for machine learning. Rated critical severity (CVSS 9.8), this vulnerability is re

CVE-2022-41900 CRITICAL POC
9.8 Nov 18

TensorFlow is an open source platform for machine learning. Rated critical severity (CVSS 9.8), this vulnerability is re

CVE-2020-15208 CRITICAL POC
9.8 Sep 25

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of

CVE-2020-15205 CRITICAL POC
9.8 Sep 25

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGr

CVE-2022-41880 CRITICAL POC
9.1 Nov 18

TensorFlow is an open source platform for machine learning. Rated critical severity (CVSS 9.1), this vulnerability is re

CVE-2020-15207 CRITICAL POC
9.0 Sep 25

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative value

CVE-2020-15202 CRITICAL POC
9.0 Sep 25

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argu

CVE-2020-15195 HIGH POC
8.8 Sep 25

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` use

CVE-2020-15212 HIGH POC
8.6 Sep 25

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of hea

CVE-2022-41894 HIGH POC
8.1 Nov 18

TensorFlow is an open source platform for machine learning. Rated high severity (CVSS 8.1), this vulnerability is remote

CVE-2020-15214 HIGH POC
8.1 Sep 25

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentati

Share

CVE-2020-15199 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy