CVE-2020-15213Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Tensorflow

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-770Allocation of Resources Without Limits or Throttling6 documents5 sources
Severity
4.0MEDIUMNVD
EPSS
0.2%
top 55.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Google TensorflowIntel Optimization FOR TensorflowTensorflow
Timeline
PublishedSep 25

Description

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor, attackers can use a very large value to trigger a large allocation. The issue is patched in commit 204945b19e44b57906c9344c0d00120eeeae178a and is released in TensorFlow versions 2.2.1, or 2.3.1. A potent

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 2.2 | Impact: 1.4

Affected Packages3 packages

NVDgoogle/tensorflow2.2.02.2.1+1
PyPIintel/optimization_for_tensorflow2.2.02.2.1+2
CVEListV5tensorflow/tensorflow= 2.2.0, = 2.3.0+1

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

4
CVEList
Denial of service in tensorflow-lite2020-09-25
GHSA
Denial of service in tensorflow-lite2020-09-25
OSV
Denial of service in tensorflow-lite2020-09-25
OSV
CVE-2020-15213: In TensorFlow Lite before versions 22020-09-25

📋Vendor Advisories

1
Debian
CVE-2020-15213: tensorflow - In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can...2020
CVE-2020-15213 — Google Tensorflow vulnerability | cvebase