CVE-2020-15212Out-of-bounds Write in Google Tensorflow

CWE-787Out-of-bounds Write6 documents5 sources
Severity
8.6HIGHNVD
CNA8.1
EPSS
0.2%
top 53.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Google TensorflowIntel Optimization FOR TensorflowTensorflow
Timeline
PublishedSep 25

Description

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write to outside of `output_data` buffer. This might result in a segmentation fault but it can also be used to further corrupt the memory and can be chained with other vulnerabilities to create more advanced exploits. The issu

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:HExploitability: 3.9 | Impact: 4.7

Affected Packages3 packages

NVDgoogle/tensorflow2.2.02.2.1+1
PyPIintel/optimization_for_tensorflow2.2.02.2.1+2
CVEListV5tensorflow/tensorflow>= 2.2.0, < 2.2.1, >= 2.3.0, < 2.3.1+1

Patches

Patch: github.comPatch: github.comPatch: github.com

🔴Vulnerability Details

4
OSV
Out of bounds access in tensorflow-lite2020-09-25
GHSA
Out of bounds access in tensorflow-lite2020-09-25
CVEList
Out of bounds access in tensorflow-lite2020-09-25
OSV
CVE-2020-15212: In TensorFlow Lite before versions 22020-09-25

📋Vendor Advisories

1
Debian
CVE-2020-15212: tensorflow - In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can...2020
CVE-2020-15212 — Out-of-bounds Write in Google | cvebase