cnvd - cnvd-2020-54784

cnvd-2020-54784

Vulnerability from cnvd

Title: TensorFlow Lite输入验证错误漏洞

Description:

Google TensorFlow是美国谷歌（Google）公司的一套用于机器学习的端到端开源平台。

TensorFlow Lite 2.2.1之前版本，2.3.1版本中存在安全漏洞，该漏洞源于网络系统或产品未对输入的数据进行正确的验证。攻击者可利用该漏洞通过一定手段导致分段错误，它也可以用于进一步破坏内存，并且可以与其他漏洞链接在一起以创建更高级的漏洞利用。

Severity: 中

Patch Name: TensorFlow Lite输入验证错误漏洞的补丁

Patch Description:

Google TensorFlow是美国谷歌（Google）公司的一套用于机器学习的端到端开源平台。

TensorFlow Lite 2.2.1之前版本，2.3.1版本中存在安全漏洞，该漏洞源于网络系统或产品未对输入的数据进行正确的验证。攻击者可利用该漏洞通过一定手段导致分段错误，它也可以用于进一步破坏内存，并且可以与其他漏洞链接在一起以创建更高级的漏洞利用。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1

Reference: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx2x-85gr-wrpq

Impacted products

Name
['Google TensorFlow Lite <2.2.1', 'Google TensorFlow Lite 2.3.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-15212",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-15212"
    }
  },
  "description": "Google TensorFlow\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u673a\u5668\u5b66\u4e60\u7684\u7aef\u5230\u7aef\u5f00\u6e90\u5e73\u53f0\u3002\n\nTensorFlow Lite 2.2.1\u4e4b\u524d\u7248\u672c\uff0c2.3.1\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u4e00\u5b9a\u624b\u6bb5\u5bfc\u81f4\u5206\u6bb5\u9519\u8bef\uff0c\u5b83\u4e5f\u53ef\u4ee5\u7528\u4e8e\u8fdb\u4e00\u6b65\u7834\u574f\u5185\u5b58\uff0c\u5e76\u4e14\u53ef\u4ee5\u4e0e\u5176\u4ed6\u6f0f\u6d1e\u94fe\u63a5\u5728\u4e00\u8d77\u4ee5\u521b\u5efa\u66f4\u9ad8\u7ea7\u7684\u6f0f\u6d1e\u5229\u7528\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/tensorflow/tensorflow/releases/tag/v2.3.1",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-54784",
  "openTime": "2020-09-30",
  "patchDescription": "Google TensorFlow\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u673a\u5668\u5b66\u4e60\u7684\u7aef\u5230\u7aef\u5f00\u6e90\u5e73\u53f0\u3002\r\n\r\nTensorFlow Lite 2.2.1\u4e4b\u524d\u7248\u672c\uff0c2.3.1\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u4e00\u5b9a\u624b\u6bb5\u5bfc\u81f4\u5206\u6bb5\u9519\u8bef\uff0c\u5b83\u4e5f\u53ef\u4ee5\u7528\u4e8e\u8fdb\u4e00\u6b65\u7834\u574f\u5185\u5b58\uff0c\u5e76\u4e14\u53ef\u4ee5\u4e0e\u5176\u4ed6\u6f0f\u6d1e\u94fe\u63a5\u5728\u4e00\u8d77\u4ee5\u521b\u5efa\u66f4\u9ad8\u7ea7\u7684\u6f0f\u6d1e\u5229\u7528\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "TensorFlow Lite\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Google TensorFlow Lite \u003c2.2.1",
      "Google TensorFlow Lite 2.3.1"
    ]
  },
  "referenceLink": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx2x-85gr-wrpq",
  "serverity": "\u4e2d",
  "submitTime": "2020-09-28",
  "title": "TensorFlow Lite\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2020-15212 (GCVE-0-2020-15212)

Vulnerability from cvelistv5

Published

2020-09-25 18:50

Modified

2024-08-04 13:08

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H

CWE

CWE-787 - {"":"Out-of-bounds Write"}

Summary

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write to outside of `output_data` buffer. This might result in a segmentation fault but it can also be used to further corrupt the memory and can be chained with other vulnerabilities to create more advanced exploits. The issue is patched in commit 204945b19e44b57906c9344c0d00120eeeae178a and is released in TensorFlow versions 2.2.1, or 2.3.1. A potential workaround would be to add a custom `Verifier` to the model loading code to ensure that the segment ids are all positive, although this only handles the case when the segment ids are stored statically in the model. A similar validation could be done if the segment ids are generated at runtime between inference steps. If the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.

References

▼	URL	Tags
	https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/commit/204945b19e44b57906c9344c0d00120eeeae178a	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx2x-85gr-wrpq	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	tensorflow	tensorflow	Version: >= 2.2.0, < 2.2.1 Version: >= 2.3.0, < 2.3.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:08:22.919Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/commit/204945b19e44b57906c9344c0d00120eeeae178a"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx2x-85gr-wrpq"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tensorflow",
          "vendor": "tensorflow",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.2.0, \u003c 2.2.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.3.0, \u003c 2.3.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write to outside of `output_data` buffer. This might result in a segmentation fault but it can also be used to further corrupt the memory and can be chained with other vulnerabilities to create more advanced exploits. The issue is patched in commit 204945b19e44b57906c9344c0d00120eeeae178a and is released in TensorFlow versions 2.2.1, or 2.3.1. A potential workaround would be to add a custom `Verifier` to the model loading code to ensure that the segment ids are all positive, although this only handles the case when the segment ids are stored statically in the model. A similar validation could be done if the segment ids are generated at runtime between inference steps. If the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "{\"CWE-787\":\"Out-of-bounds Write\"}",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-25T18:50:33",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/commit/204945b19e44b57906c9344c0d00120eeeae178a"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx2x-85gr-wrpq"
        }
      ],
      "source": {
        "advisory": "GHSA-hx2x-85gr-wrpq",
        "discovery": "UNKNOWN"
      },
      "title": "Out of bounds access in tensorflow-lite",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-15212",
          "STATE": "PUBLIC",
          "TITLE": "Out of bounds access in tensorflow-lite"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "tensorflow",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 2.2.0, \u003c 2.2.1"
                          },
                          {
                            "version_value": "\u003e= 2.3.0, \u003c 2.3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "tensorflow"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write to outside of `output_data` buffer. This might result in a segmentation fault but it can also be used to further corrupt the memory and can be chained with other vulnerabilities to create more advanced exploits. The issue is patched in commit 204945b19e44b57906c9344c0d00120eeeae178a and is released in TensorFlow versions 2.2.1, or 2.3.1. A potential workaround would be to add a custom `Verifier` to the model loading code to ensure that the segment ids are all positive, although this only handles the case when the segment ids are stored statically in the model. A similar validation could be done if the segment ids are generated at runtime between inference steps. If the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "{\"CWE-787\":\"Out-of-bounds Write\"}"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/commit/204945b19e44b57906c9344c0d00120eeeae178a",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/commit/204945b19e44b57906c9344c0d00120eeeae178a"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx2x-85gr-wrpq",
              "refsource": "CONFIRM",
              "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx2x-85gr-wrpq"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-hx2x-85gr-wrpq",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-15212",
    "datePublished": "2020-09-25T18:50:34",
    "dateReserved": "2020-06-25T00:00:00",
    "dateUpdated": "2024-08-04T13:08:22.919Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted