Vulnerability-Lookup

CVE-2020-15265 (GCVE-0-2020-15265)

Vulnerability from cvelistv5 – Published: 2020-10-21 20:20 – Updated: 2024-08-04 13:15

Title

Segfault in Tensorflow

Summary

In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.

Severity ?

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-125 - Out-of-bounds Read

Assigner

GitHub_M

References

URL

Tags

	https://github.com/tensorflow/tensorflow/security…	x_refsource_CONFIRM
	https://github.com/tensorflow/tensorflow/issues/42105	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/commit/e…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	tensorflow	tensorflow	Affected: < 2.4.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:15:19.748Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/issues/42105"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tensorflow",
          "vendor": "tensorflow",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.4.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-21T20:20:15",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/issues/42105"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
        }
      ],
      "source": {
        "advisory": "GHSA-rrfp-j2mp-hq9c",
        "discovery": "UNKNOWN"
      },
      "title": "Segfault in Tensorflow",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-15265",
          "STATE": "PUBLIC",
          "TITLE": "Segfault in Tensorflow"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "tensorflow",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 2.4.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "tensorflow"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-125 Out-of-bounds Read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c",
              "refsource": "CONFIRM",
              "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/issues/42105",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/issues/42105"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-rrfp-j2mp-hq9c",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-15265",
    "datePublished": "2020-10-21T20:20:15",
    "dateReserved": "2020-06-25T00:00:00",
    "dateUpdated": "2024-08-04T13:15:19.748Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*\", \"versionEndExcluding\": \"2.4.0\", \"matchCriteriaId\": \"837BA051-B044-46A7-BCDF-81785C1E1FF9\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.\"}, {\"lang\": \"es\", \"value\": \"En Tensorflow versiones anteriores a  2.4.0, un atacante puede pasar un valor de \\\"axis\\\" no v\\u00e1lido a la funci\\u00f3n \\\"tf.quantization.quantize_and_dequantize\\\".\u0026#xa0;Esto resulta en el acceso a una dimensi\\u00f3n fuera del rango del tensor de entrada en la implementaci\\u00f3n del kernel de C++.\u0026#xa0;Sin embargo, dim_size solo hace un DCHECK para comprobar el argumento y luego lo usa para acceder al elemento correspondiente de una matriz.\u0026#xa0;Dado que en las compilaciones normales, las macros similares a \\\"DCHECK\\\" no son operativas, esto resulta en un fallo de segmentaci\\u00f3n y un acceso fuera de los l\\u00edmites de la matriz.\u0026#xa0;El problema est\\u00e1 parcheado en eccb7ec454e6617738554a255d77f08e60ee0808 y TensorFlow versi\\u00f3n 2.4.0 se publicar\\u00e1 con el parche.\u0026#xa0;Los paquetes nocturnos de TensorFlow despu\\u00e9s de esta confirmaci\\u00f3n tambi\\u00e9n resolver\\u00e1n el problema\"}]",
      "id": "CVE-2020-15265",
      "lastModified": "2024-11-21T05:05:13.733",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-10-21T21:15:12.257",
      "references": "[{\"url\": \"https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/issues/42105\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/issues/42105\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-15265\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2020-10-21T21:15:12.257\",\"lastModified\":\"2024-11-21T05:05:13.733\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.\"},{\"lang\":\"es\",\"value\":\"En Tensorflow versiones anteriores a  2.4.0, un atacante puede pasar un valor de \\\"axis\\\" no v\u00e1lido a la funci\u00f3n \\\"tf.quantization.quantize_and_dequantize\\\".\u0026#xa0;Esto resulta en el acceso a una dimensi\u00f3n fuera del rango del tensor de entrada en la implementaci\u00f3n del kernel de C++.\u0026#xa0;Sin embargo, dim_size solo hace un DCHECK para comprobar el argumento y luego lo usa para acceder al elemento correspondiente de una matriz.\u0026#xa0;Dado que en las compilaciones normales, las macros similares a \\\"DCHECK\\\" no son operativas, esto resulta en un fallo de segmentaci\u00f3n y un acceso fuera de los l\u00edmites de la matriz.\u0026#xa0;El problema est\u00e1 parcheado en eccb7ec454e6617738554a255d77f08e60ee0808 y TensorFlow versi\u00f3n 2.4.0 se publicar\u00e1 con el parche.\u0026#xa0;Los paquetes nocturnos de TensorFlow despu\u00e9s de esta confirmaci\u00f3n tambi\u00e9n resolver\u00e1n el problema\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*\",\"versionEndExcluding\":\"2.4.0\",\"matchCriteriaId\":\"837BA051-B044-46A7-BCDF-81785C1E1FF9\"}]}]}],\"references\":[{\"url\":\"https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/issues/42105\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/issues/42105\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}

PYSEC-2020-138

Vulnerability from pysec - Published: 2020-10-21 21:15 - Updated: 2021-09-01 08:19

Details

In Tensorflow before version 2.4.0, an attacker can pass an invalid axis value to tf.quantization.quantize_and_dequantize. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, DCHECK-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.

Impacted products

Name	purl
tensorflow	pkg:pypi/tensorflow

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow",
        "purl": "pkg:pypi/tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "eccb7ec454e6617738554a255d77f08e60ee0808"
            }
          ],
          "repo": "https://github.com/tensorflow/tensorflow",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.12.0rc0",
        "0.12.0rc1",
        "0.12.0",
        "0.12.1",
        "1.0.0",
        "1.0.1",
        "1.1.0rc0",
        "1.1.0rc1",
        "1.1.0rc2",
        "1.1.0",
        "1.2.0rc0",
        "1.2.0rc1",
        "1.2.0rc2",
        "1.2.0",
        "1.2.1",
        "1.3.0rc0",
        "1.3.0rc1",
        "1.3.0rc2",
        "1.3.0",
        "1.4.0rc0",
        "1.4.0rc1",
        "1.4.0",
        "1.4.1",
        "1.5.0rc0",
        "1.5.0rc1",
        "1.5.0",
        "1.5.1",
        "1.6.0rc0",
        "1.6.0rc1",
        "1.6.0",
        "1.7.0rc0",
        "1.7.0rc1",
        "1.7.0",
        "1.7.1",
        "1.8.0rc0",
        "1.8.0rc1",
        "1.8.0",
        "1.9.0rc0",
        "1.9.0rc1",
        "1.9.0rc2",
        "1.9.0",
        "1.10.0rc0",
        "1.10.0rc1",
        "1.10.0",
        "1.10.1",
        "1.11.0rc0",
        "1.11.0rc1",
        "1.11.0rc2",
        "1.11.0",
        "1.12.0rc0",
        "1.12.0rc1",
        "1.12.0rc2",
        "1.12.0",
        "1.12.2",
        "1.12.3",
        "1.13.0rc0",
        "1.13.0rc1",
        "1.13.0rc2",
        "1.13.1",
        "1.13.2",
        "1.14.0rc0",
        "1.14.0rc1",
        "1.14.0",
        "1.15.0rc0",
        "1.15.0rc1",
        "1.15.0rc2",
        "1.15.0rc3",
        "1.15.0",
        "1.15.2",
        "1.15.3",
        "1.15.4",
        "1.15.5",
        "2.0.0a0",
        "2.0.0b0",
        "2.0.0b1",
        "2.0.0rc0",
        "2.0.0rc1",
        "2.0.0rc2",
        "2.0.0",
        "2.0.1",
        "2.0.2",
        "2.0.3",
        "2.0.4",
        "2.1.0rc0",
        "2.1.0rc1",
        "2.1.0rc2",
        "2.1.0",
        "2.1.1",
        "2.1.2",
        "2.1.3",
        "2.2.0rc0",
        "2.2.0rc1",
        "2.2.0rc2",
        "2.2.0rc3",
        "2.2.0rc4",
        "2.2.0",
        "2.2.1",
        "2.2.2",
        "2.3.0rc0",
        "2.3.0rc1",
        "2.3.0rc2",
        "2.3.0",
        "2.3.1",
        "2.3.2",
        "2.4.0rc0",
        "2.4.0rc1",
        "2.4.0rc2",
        "2.4.0rc3",
        "2.4.0rc4",
        "2.1.4",
        "2.2.3",
        "2.3.3",
        "2.3.4"
      ]
    }
  ],
  "aliases": [
    "CVE-2020-15265",
    "GHSA-rrfp-j2mp-hq9c"
  ],
  "details": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.",
  "id": "PYSEC-2020-138",
  "modified": "2021-09-01T08:19:35.574576Z",
  "published": "2020-10-21T21:15:00Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/tensorflow/tensorflow/issues/42105"
    }
  ]
}

PYSEC-2020-330

Vulnerability from pysec - Published: 2020-10-21 21:15 - Updated: 2021-12-09 06:35

Details

Impacted products

Name	purl
tensorflow-gpu	pkg:pypi/tensorflow-gpu

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu",
        "purl": "pkg:pypi/tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "eccb7ec454e6617738554a255d77f08e60ee0808"
            }
          ],
          "repo": "https://github.com/tensorflow/tensorflow",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.12.0",
        "0.12.1",
        "1.0.0",
        "1.0.1",
        "1.1.0",
        "1.10.0",
        "1.10.1",
        "1.11.0",
        "1.12.0",
        "1.12.2",
        "1.12.3",
        "1.13.1",
        "1.13.2",
        "1.14.0",
        "1.15.0",
        "1.15.2",
        "1.15.3",
        "1.15.4",
        "1.15.5",
        "1.2.0",
        "1.2.1",
        "1.3.0",
        "1.4.0",
        "1.4.1",
        "1.5.0",
        "1.5.1",
        "1.6.0",
        "1.7.0",
        "1.7.1",
        "1.8.0",
        "1.9.0",
        "2.0.0",
        "2.0.1",
        "2.0.2",
        "2.0.3",
        "2.0.4",
        "2.1.0",
        "2.1.1",
        "2.1.2",
        "2.1.3",
        "2.1.4",
        "2.2.0",
        "2.2.1",
        "2.2.2",
        "2.2.3",
        "2.3.0",
        "2.3.1",
        "2.3.2",
        "2.3.3",
        "2.3.4"
      ]
    }
  ],
  "aliases": [
    "CVE-2020-15265",
    "GHSA-rrfp-j2mp-hq9c"
  ],
  "details": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.",
  "id": "PYSEC-2020-330",
  "modified": "2021-12-09T06:35:15.737663Z",
  "published": "2020-10-21T21:15:00Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/tensorflow/tensorflow/issues/42105"
    }
  ]
}

PYSEC-2020-295

Vulnerability from pysec - Published: 2020-10-21 21:15 - Updated: 2021-12-09 06:34

Details

Impacted products

Name	purl
tensorflow-cpu	pkg:pypi/tensorflow-cpu

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu",
        "purl": "pkg:pypi/tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "eccb7ec454e6617738554a255d77f08e60ee0808"
            }
          ],
          "repo": "https://github.com/tensorflow/tensorflow",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.15.0",
        "2.1.0",
        "2.1.1",
        "2.1.2",
        "2.1.3",
        "2.1.4",
        "2.2.0",
        "2.2.1",
        "2.2.2",
        "2.2.3",
        "2.3.0",
        "2.3.1",
        "2.3.2",
        "2.3.3",
        "2.3.4"
      ]
    }
  ],
  "aliases": [
    "CVE-2020-15265",
    "GHSA-rrfp-j2mp-hq9c"
  ],
  "details": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.",
  "id": "PYSEC-2020-295",
  "modified": "2021-12-09T06:34:43.980213Z",
  "published": "2020-10-21T21:15:00Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/tensorflow/tensorflow/issues/42105"
    }
  ]
}

GSD-2020-15265

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-15265

Aliases

CVE-2020-15265

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-15265",
    "description": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.",
    "id": "GSD-2020-15265",
    "references": [
      "https://security.archlinux.org/CVE-2020-15265"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-15265"
      ],
      "details": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.",
      "id": "GSD-2020-15265",
      "modified": "2023-12-13T01:21:43.261753Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2020-15265",
        "STATE": "PUBLIC",
        "TITLE": "Segfault in Tensorflow"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "tensorflow",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 2.4.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "tensorflow"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-125 Out-of-bounds Read"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c",
            "refsource": "CONFIRM",
            "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/issues/42105",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/issues/42105"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-rrfp-j2mp-hq9c",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c2.4.0",
          "affected_versions": "All versions before 2.4.0",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-125",
            "CWE-937"
          ],
          "date": "2020-11-03",
          "description": "In Tensorflow, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, `dim_size` only does a `DCHECK` to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out-of-bounds of the array.",
          "fixed_versions": [
            "2.4.0"
          ],
          "identifier": "CVE-2020-15265",
          "identifiers": [
            "CVE-2020-15265",
            "GHSA-rrfp-j2mp-hq9c"
          ],
          "not_impacted": "All versions starting from 2.4.0",
          "package_slug": "pypi/tensorflow-cpu",
          "pubdate": "2020-10-21",
          "solution": "Upgrade to version 2.4.0 or above.",
          "title": "Out-of-bounds Read",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-15265"
          ],
          "uuid": "e2ad6861-002e-442a-832b-71e3f40a5b9c"
        },
        {
          "affected_range": "\u003c2.4.0",
          "affected_versions": "All versions before 2.4.0",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-125",
            "CWE-937"
          ],
          "date": "2020-11-03",
          "description": "In Tensorflow, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, `dim_size` only does a `DCHECK` to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out-of-bounds of the array.",
          "fixed_versions": [
            "2.4.0"
          ],
          "identifier": "CVE-2020-15265",
          "identifiers": [
            "CVE-2020-15265",
            "GHSA-rrfp-j2mp-hq9c"
          ],
          "not_impacted": "All versions starting from 2.4.0",
          "package_slug": "pypi/tensorflow-gpu",
          "pubdate": "2020-10-21",
          "solution": "Upgrade to version 2.4.0 or above.",
          "title": "Out-of-bounds Read",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-15265"
          ],
          "uuid": "cb900810-4503-4004-88fb-cda6a4e51bba"
        },
        {
          "affected_range": "\u003c2.4.0",
          "affected_versions": "All versions before 2.4.0",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-125",
            "CWE-937"
          ],
          "date": "2021-08-17",
          "description": "In Tensorflow, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`.` This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, `dim_size` only does a `DCHECK` to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out-of-bounds of the array.",
          "fixed_versions": [
            "2.4.0"
          ],
          "identifier": "CVE-2020-15265",
          "identifiers": [
            "CVE-2020-15265",
            "GHSA-rrfp-j2mp-hq9c"
          ],
          "not_impacted": "All versions starting from 2.4.0",
          "package_slug": "pypi/tensorflow",
          "pubdate": "2020-10-21",
          "solution": "Upgrade to version 2.4.0 or above.",
          "title": "Out-of-bounds Read",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-15265"
          ],
          "uuid": "39082c03-8860-43cb-a715-375470501bb3"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.4.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-15265"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/issues/42105",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/issues/42105"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-08-17T13:21Z",
      "publishedDate": "2020-10-21T21:15Z"
    }
  }
}

FKIE_CVE-2020-15265

Vulnerability from fkie_nvd - Published: 2020-10-21 21:15 - Updated: 2024-11-21 05:05

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/issues/42105	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c	Exploit, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/issues/42105	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c	Exploit, Patch, Third Party Advisory

Impacted products

	Vendor	Product	Version
	google	tensorflow	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "837BA051-B044-46A7-BCDF-81785C1E1FF9",
              "versionEndExcluding": "2.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved."
    },
    {
      "lang": "es",
      "value": "En Tensorflow versiones anteriores a  2.4.0, un atacante puede pasar un valor de \"axis\" no v\u00e1lido a la funci\u00f3n \"tf.quantization.quantize_and_dequantize\".\u0026#xa0;Esto resulta en el acceso a una dimensi\u00f3n fuera del rango del tensor de entrada en la implementaci\u00f3n del kernel de C++.\u0026#xa0;Sin embargo, dim_size solo hace un DCHECK para comprobar el argumento y luego lo usa para acceder al elemento correspondiente de una matriz.\u0026#xa0;Dado que en las compilaciones normales, las macros similares a \"DCHECK\" no son operativas, esto resulta en un fallo de segmentaci\u00f3n y un acceso fuera de los l\u00edmites de la matriz.\u0026#xa0;El problema est\u00e1 parcheado en eccb7ec454e6617738554a255d77f08e60ee0808 y TensorFlow versi\u00f3n 2.4.0 se publicar\u00e1 con el parche.\u0026#xa0;Los paquetes nocturnos de TensorFlow despu\u00e9s de esta confirmaci\u00f3n tambi\u00e9n resolver\u00e1n el problema"
    }
  ],
  "id": "CVE-2020-15265",
  "lastModified": "2024-11-21T05:05:13.733",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-21T21:15:12.257",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/issues/42105"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/issues/42105"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

CNVD-2020-62802

Vulnerability from cnvd - Published: 2020-11-12

Title

Google TensorFlow缓冲区溢出漏洞（CNVD-2020-62802）

Description

Google TensorFlow是美国谷歌（Google）公司的一套用于机器学习的端到端开源平台。 Tensorflow 2.4.0之前版本存在安全漏洞，攻击者可利用该漏洞可以将一个无效的axis值传递给tf.quantization。数字转换和dequantize。这将导致在c++内核实现中访问一个超出输入张量秩的维度。但是dim size只执行DCHECK来验证参数，然后使用它来访问数组中相应的元素。因为在正常的构建中，DCHECK 类宏是无操作的，这会导致segfault和访问数组边界之外。

Severity

低

Patch Name

Google TensorFlow缓冲区溢出漏洞（CNVD-2020-62802）的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-15265

Impacted products

Name
Google Google TensorFlow <2.4.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-15265",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-15265"
    }
  },
  "description": "Google TensorFlow\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u673a\u5668\u5b66\u4e60\u7684\u7aef\u5230\u7aef\u5f00\u6e90\u5e73\u53f0\u3002\n\nTensorflow 2.4.0\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u5c06\u4e00\u4e2a\u65e0\u6548\u7684axis\u503c\u4f20\u9012\u7ed9tf.quantization\u3002\u6570\u5b57\u8f6c\u6362\u548cdequantize\u3002\u8fd9\u5c06\u5bfc\u81f4\u5728c++\u5185\u6838\u5b9e\u73b0\u4e2d\u8bbf\u95ee\u4e00\u4e2a\u8d85\u51fa\u8f93\u5165\u5f20\u91cf\u79e9\u7684\u7ef4\u5ea6\u3002\u4f46\u662fdim size\u53ea\u6267\u884cDCHECK\u6765\u9a8c\u8bc1\u53c2\u6570\uff0c\u7136\u540e\u4f7f\u7528\u5b83\u6765\u8bbf\u95ee\u6570\u7ec4\u4e2d\u76f8\u5e94\u7684\u5143\u7d20\u3002\u56e0\u4e3a\u5728\u6b63\u5e38\u7684\u6784\u5efa\u4e2d\uff0cDCHECK \u7c7b\u5b8f\u662f\u65e0\u64cd\u4f5c\u7684\uff0c\u8fd9\u4f1a\u5bfc\u81f4segfault\u548c\u8bbf\u95ee\u6570\u7ec4\u8fb9\u754c\u4e4b\u5916\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-62802",
  "openTime": "2020-11-12",
  "patchDescription": "Google TensorFlow\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u673a\u5668\u5b66\u4e60\u7684\u7aef\u5230\u7aef\u5f00\u6e90\u5e73\u53f0\u3002\r\n\r\nTensorflow 2.4.0\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u5c06\u4e00\u4e2a\u65e0\u6548\u7684axis\u503c\u4f20\u9012\u7ed9tf.quantization\u3002\u6570\u5b57\u8f6c\u6362\u548cdequantize\u3002\u8fd9\u5c06\u5bfc\u81f4\u5728c++\u5185\u6838\u5b9e\u73b0\u4e2d\u8bbf\u95ee\u4e00\u4e2a\u8d85\u51fa\u8f93\u5165\u5f20\u91cf\u79e9\u7684\u7ef4\u5ea6\u3002\u4f46\u662fdim size\u53ea\u6267\u884cDCHECK\u6765\u9a8c\u8bc1\u53c2\u6570\uff0c\u7136\u540e\u4f7f\u7528\u5b83\u6765\u8bbf\u95ee\u6570\u7ec4\u4e2d\u76f8\u5e94\u7684\u5143\u7d20\u3002\u56e0\u4e3a\u5728\u6b63\u5e38\u7684\u6784\u5efa\u4e2d\uff0cDCHECK \u7c7b\u5b8f\u662f\u65e0\u64cd\u4f5c\u7684\uff0c\u8fd9\u4f1a\u5bfc\u81f4segfault\u548c\u8bbf\u95ee\u6570\u7ec4\u8fb9\u754c\u4e4b\u5916\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google TensorFlow\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2020-62802\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Google Google TensorFlow \u003c2.4.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-15265",
  "serverity": "\u4f4e",
  "submitTime": "2020-11-04",
  "title": "Google TensorFlow\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2020-62802\uff09"
}

GHSA-RRFP-J2MP-HQ9C

Vulnerability from github – Published: 2020-11-13 17:13 – Updated: 2024-10-30 21:22

Summary

Segfault in `tf.quantization.quantize_and_dequantize`

Details

Impact

An attacker can pass an invalid axis value to tf.quantization.quantize_and_dequantize:

tf.quantization.quantize_and_dequantize(
    input=[2.5, 2.5], input_min=[0,0], input_max=[1,1], axis=10)

This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation:

const int depth = (axis_ == -1) ? 1 : input.dim_size(axis_);

However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array:

int64 TensorShapeBase<Shape>::dim_size(int d) const {
  DCHECK_GE(d, 0);
  DCHECK_LT(d, dims());
  DoStuffWith(dims_[d]);
}

Since in normal builds, DCHECK-like macros are no-ops, this results in segfault and access out of bounds of the array.

Patches

We have patched the issue in eccb7ec454e6617738554a255d77f08e60ee0808 and will release TensorFlow 2.4.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported in #42105

Severity ?

5.9 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-15265"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-11-13T17:11:27Z",
    "nvd_published_at": "2020-10-21T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nAn attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`:\n\n```python\ntf.quantization.quantize_and_dequantize(\n    input=[2.5, 2.5], input_min=[0,0], input_max=[1,1], axis=10)\n```\n\nThis results in accessing [a dimension outside the rank of the input tensor](https://github.com/tensorflow/tensorflow/blob/0225022b725993bfc19b87a02a2faaad9a53bc17/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L74) in the C++ kernel implementation:\n```\nconst int depth = (axis_ == -1) ? 1 : input.dim_size(axis_);\n```\n\nHowever, [`dim_size` only does a `DCHECK`](https://github.com/tensorflow/tensorflow/blob/0225022b725993bfc19b87a02a2faaad9a53bc17/tensorflow/core/framework/tensor_shape.cc#L292-L307) to validate the argument and then uses it to access the corresponding element of an array:\n```\nint64 TensorShapeBase\u003cShape\u003e::dim_size(int d) const {\n  DCHECK_GE(d, 0);\n  DCHECK_LT(d, dims());\n  DoStuffWith(dims_[d]);\n}\n```\n\nSince in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array.\n\n### Patches\n\nWe have patched the issue in eccb7ec454e6617738554a255d77f08e60ee0808 and will release TensorFlow 2.4.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported in #42105",
  "id": "GHSA-rrfp-j2mp-hq9c",
  "modified": "2024-10-30T21:22:54Z",
  "published": "2020-11-13T17:13:04Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15265"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/issues/42105"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-295.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-330.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-138.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tensorflow/tensorflow"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Segfault in `tf.quantization.quantize_and_dequantize`"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-15265 (GCVE-0-2020-15265)

PYSEC-2020-138

PYSEC-2020-330

PYSEC-2020-295

GSD-2020-15265

FKIE_CVE-2020-15265

CNVD-2020-62802

GHSA-RRFP-J2MP-HQ9C

Impact

Patches

For more information

Attribution

Tags

Sightings

Nomenclature