CVE-2020-26269: In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out…

CVE-2020-26269 [HIGH] CWE-125 TensorFlow vulnerable to heap out of bounds read in filesystem glob matching TensorFlow vulnerable to heap out of bounds read in filesystem glob matching ### Impact The general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of [the array holding the directories](https://github.com/tensorflow/tensorflow/blob/458c6260265c46ebaf18052d6c61aea4b6b40926/tensorflow/core/platform/file_system_helper.cc#L127): ```cc if (!fs->Match(child_path, dirs[dir_index])) { ... } ``` Since `dir_index` is [unconditionaly incremented](https://github.com/tensorflow/tensorflow/blob/458c6260265c46ebaf18052d6c61aea4b6b40926/tensorflow/core/platform/file_system_helper.cc#L106) outside of the lambda function where the vulnerable pattern occurs, this results in an access out of bounds issue under certain scenarios. For example, if `/t

CVE-2020-26269 [HIGH] TensorFlow vulnerable to heap out of bounds read in filesystem glob matching TensorFlow vulnerable to heap out of bounds read in filesystem glob matching ### Impact The general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of [the array holding the directories](https://github.com/tensorflow/tensorflow/blob/458c6260265c46ebaf18052d6c61aea4b6b40926/tensorflow/core/platform/file_system_helper.cc#L127): ```cc if (!fs->Match(child_path, dirs[dir_index])) { ... } ``` Since `dir_index` is [unconditionaly incremented](https://github.com/tensorflow/tensorflow/blob/458c6260265c46ebaf18052d6c61aea4b6b40926/tensorflow/core/platform/file_system_helper.cc#L106) outside of the lambda function where the vulnerable pattern occurs, this results in an access out of bounds issue under certain scenarios. For example, if `/t

CVE-2020-26269 CVE-2020-26269: In TensorFlow release candidate versions 2 In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the directories. There are multiple invariants and preconditions that are assumed by the parallel implementation of GetMatchingPaths but are not verified by the PRs introducing it (#40861 and #44310). Thus, we are completely rewriting the implementation to fully specify and validate these. This is patched in version 2.4.0. This issue only impacts master branch and the release candidates for TF version 2.4. The final release of the 2.4 release will be patched.

CVE-2020-26269 [HIGH] CVE-2020-26269: tensorflow - In TensorFlow release candidate versions 2.4.0rc*, the general implementation fo... In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the directories. There are multiple invariants and preconditions that are assumed by the parallel implementation of GetMatchingPaths but are not verified by the PRs introducing it (#40861 and #44310). Thus, we are completely rewriting the implementation to fully specify and validate these. This is patched in version 2.4.0. This issue only impacts master branch and the release candidates for TF version 2.4. The final release of the 2.4 release will be patched. Scope: local forky: resolved sid: resolved

ConFL: Constraint-guided Fuzzing for Machine Learning Framework ConFL: Constraint-guided Fuzzing for Machine Learning Framework Zhao Liu 360 AI Security Lab China [email protected] Quanchen Zou 360 AI Security Lab China Corresponding author [email protected] Tian Yu 360 AI Security Lab China [email protected] Xuan Wang 360 AI Security Lab China [email protected] Guozhu Meng SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences China [email protected] Kai Chen SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences China [email protected] Deyue Zhang 360 AI Security Lab China [email protected] ## Abstract As machine learning gains prominence in various sectors of society for automated decision-making, concerns have risen regarding potential vulnerabilities in machine learning (ML) frameworks. Nevertheles