pysec - pysec-2020-122

pysec-2020-122

Vulnerability from pysec

Published

2020-09-25 19:15

Modified

2021-09-01 08:19

Details

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure. Since BatchedMap is equivalent to a vector, it needs to have at least one element to not be nullptr. If user passes a splits tensor that is empty or has exactly one element, we get a SIGABRT signal raised by the operating system. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

Impacted products

Name	purl
tensorflow	pkg:pypi/tensorflow

Aliases

JSON

To clipboard

{
   affected: [
      {
         package: {
            ecosystem: "PyPI",
            name: "tensorflow",
            purl: "pkg:pypi/tensorflow",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "0",
                  },
                  {
                     fixed: "3cbb917b4714766030b28eba9fb41bb97ce9ee02",
                  },
               ],
               repo: "https://github.com/tensorflow/tensorflow",
               type: "GIT",
            },
            {
               events: [
                  {
                     introduced: "0",
                  },
                  {
                     fixed: "2.3.1",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
         versions: [
            "0.12.0rc0",
            "0.12.0rc1",
            "0.12.0",
            "0.12.1",
            "1.0.0",
            "1.0.1",
            "1.1.0rc0",
            "1.1.0rc1",
            "1.1.0rc2",
            "1.1.0",
            "1.2.0rc0",
            "1.2.0rc1",
            "1.2.0rc2",
            "1.2.0",
            "1.2.1",
            "1.3.0rc0",
            "1.3.0rc1",
            "1.3.0rc2",
            "1.3.0",
            "1.4.0rc0",
            "1.4.0rc1",
            "1.4.0",
            "1.4.1",
            "1.5.0rc0",
            "1.5.0rc1",
            "1.5.0",
            "1.5.1",
            "1.6.0rc0",
            "1.6.0rc1",
            "1.6.0",
            "1.7.0rc0",
            "1.7.0rc1",
            "1.7.0",
            "1.7.1",
            "1.8.0rc0",
            "1.8.0rc1",
            "1.8.0",
            "1.9.0rc0",
            "1.9.0rc1",
            "1.9.0rc2",
            "1.9.0",
            "1.10.0rc0",
            "1.10.0rc1",
            "1.10.0",
            "1.10.1",
            "1.11.0rc0",
            "1.11.0rc1",
            "1.11.0rc2",
            "1.11.0",
            "1.12.0rc0",
            "1.12.0rc1",
            "1.12.0rc2",
            "1.12.0",
            "1.12.2",
            "1.12.3",
            "1.13.0rc0",
            "1.13.0rc1",
            "1.13.0rc2",
            "1.13.1",
            "1.13.2",
            "1.14.0rc0",
            "1.14.0rc1",
            "1.14.0",
            "1.15.0rc0",
            "1.15.0rc1",
            "1.15.0rc2",
            "1.15.0rc3",
            "1.15.0",
            "1.15.2",
            "1.15.3",
            "1.15.4",
            "1.15.5",
            "2.0.0a0",
            "2.0.0b0",
            "2.0.0b1",
            "2.0.0rc0",
            "2.0.0rc1",
            "2.0.0rc2",
            "2.0.0",
            "2.0.1",
            "2.0.2",
            "2.0.3",
            "2.0.4",
            "2.1.0rc0",
            "2.1.0rc1",
            "2.1.0rc2",
            "2.1.0",
            "2.1.1",
            "2.1.2",
            "2.1.3",
            "2.2.0rc0",
            "2.2.0rc1",
            "2.2.0rc2",
            "2.2.0rc3",
            "2.2.0rc4",
            "2.2.0",
            "2.2.1",
            "2.2.2",
            "2.3.0rc0",
            "2.3.0rc1",
            "2.3.0rc2",
            "2.3.0",
            "2.1.4",
            "2.2.3",
         ],
      },
   ],
   aliases: [
      "CVE-2020-15199",
      "GHSA-x5cp-9pcf-pp3h",
   ],
   details: "In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the `splits` tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure. Since `BatchedMap` is equivalent to a vector, it needs to have at least one element to not be `nullptr`. If user passes a `splits` tensor that is empty or has exactly one element, we get a `SIGABRT` signal raised by the operating system. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.",
   id: "PYSEC-2020-122",
   modified: "2021-09-01T08:19:33.217572Z",
   published: "2020-09-25T19:15:00Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x5cp-9pcf-pp3h",
      },
      {
         type: "WEB",
         url: "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1",
      },
      {
         type: "FIX",
         url: "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02",
      },
   ],
}

cve-2020-15199

Vulnerability from cvelistv5

Published

2020-09-25 18:40

Modified

2024-08-04 13:08

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the `splits` tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure. Since `BatchedMap` is equivalent to a vector, it needs to have at least one element to not be `nullptr`. If user passes a `splits` tensor that is empty or has exactly one element, we get a `SIGABRT` signal raised by the operating system. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

References

▼	URL	Tags
	https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x5cp-9pcf-pp3h	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	tensorflow	tensorflow	Version: = 2.3.0

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T13:08:22.934Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x5cp-9pcf-pp3h",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "tensorflow",
               vendor: "tensorflow",
               versions: [
                  {
                     status: "affected",
                     version: "= 2.3.0",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the `splits` tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure. Since `BatchedMap` is equivalent to a vector, it needs to have at least one element to not be `nullptr`. If user passes a `splits` tensor that is empty or has exactly one element, we get a `SIGABRT` signal raised by the operating system. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "{\"CWE-20\":\"Improper Input Validation\"}",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-25T18:40:20",
            orgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
            shortName: "GitHub_M",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x5cp-9pcf-pp3h",
            },
         ],
         source: {
            advisory: "GHSA-x5cp-9pcf-pp3h",
            discovery: "UNKNOWN",
         },
         title: "Denial of Service in Tensorflow",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-advisories@github.com",
               ID: "CVE-2020-15199",
               STATE: "PUBLIC",
               TITLE: "Denial of Service in Tensorflow",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "tensorflow",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "= 2.3.0",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "tensorflow",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the `splits` tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure. Since `BatchedMap` is equivalent to a vector, it needs to have at least one element to not be `nullptr`. If user passes a `splits` tensor that is empty or has exactly one element, we get a `SIGABRT` signal raised by the operating system. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.",
                  },
               ],
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "{\"CWE-20\":\"Improper Input Validation\"}",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1",
                     refsource: "MISC",
                     url: "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1",
                  },
                  {
                     name: "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02",
                     refsource: "MISC",
                     url: "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02",
                  },
                  {
                     name: "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x5cp-9pcf-pp3h",
                     refsource: "CONFIRM",
                     url: "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x5cp-9pcf-pp3h",
                  },
               ],
            },
            source: {
               advisory: "GHSA-x5cp-9pcf-pp3h",
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa",
      assignerShortName: "GitHub_M",
      cveId: "CVE-2020-15199",
      datePublished: "2020-09-25T18:40:20",
      dateReserved: "2020-06-25T00:00:00",
      dateUpdated: "2024-08-04T13:08:22.934Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

ghsa-x5cp-9pcf-pp3h

Vulnerability from github

Published

2020-09-25 18:28

Modified

2024-10-28 14:51

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
8.2 (High) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Summary

Denial of Service in Tensorflow

Details

Impact

The RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/core/kernels/count_ops.cc#L241-L244

Since BatchedMap is equivalent to a vector, it needs to have at least one element to not be nullptr. If user passes a splits tensor that is empty or has exactly one element, we get a SIGABRT signal raised by the operating system.

Patches

We have patched the issue in 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and will release a patch release.

We recommend users to upgrade to TensorFlow 2.3.1.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability is a variant of GHSA-p5f8-gfw5-33w4

Show details on source website

JSON

To clipboard

{
   affected: [
      {
         package: {
            ecosystem: "PyPI",
            name: "tensorflow",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "2.3.0",
                  },
                  {
                     fixed: "2.3.1",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
         versions: [
            "2.3.0",
         ],
      },
      {
         package: {
            ecosystem: "PyPI",
            name: "tensorflow-cpu",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "2.3.0",
                  },
                  {
                     fixed: "2.3.1",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
         versions: [
            "2.3.0",
         ],
      },
      {
         package: {
            ecosystem: "PyPI",
            name: "tensorflow-gpu",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "2.3.0",
                  },
                  {
                     fixed: "2.3.1",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
         versions: [
            "2.3.0",
         ],
      },
   ],
   aliases: [
      "CVE-2020-15199",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-20",
      ],
      github_reviewed: true,
      github_reviewed_at: "2020-09-25T16:59:30Z",
      nvd_published_at: "2020-09-25T19:15:00Z",
      severity: "HIGH",
   },
   details: "### Impact\nThe `RaggedCountSparseOutput` does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the `splits` tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure:\nhttps://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/core/kernels/count_ops.cc#L241-L244\n\nSince `BatchedMap` is equivalent to a vector, it needs to have at least one element to not be `nullptr`. If user passes a `splits` tensor that is empty or has exactly one element, we get a `SIGABRT` signal raised by the operating system.\n\n### Patches\nWe have patched the issue in 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and will release a patch release.\n\nWe recommend users to upgrade to TensorFlow 2.3.1.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability is a variant of [GHSA-p5f8-gfw5-33w4](https://github.com/tensorflow/tensorflow/security/advisories/GHSA-p5f8-gfw5-33w4)",
   id: "GHSA-x5cp-9pcf-pp3h",
   modified: "2024-10-28T14:51:46Z",
   published: "2020-09-25T18:28:24Z",
   references: [
      {
         type: "WEB",
         url: "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x5cp-9pcf-pp3h",
      },
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2020-15199",
      },
      {
         type: "WEB",
         url: "https://github.com/tensorflow/tensorflow/commit/3cbb917b4714766030b28eba9fb41bb97ce9ee02",
      },
      {
         type: "WEB",
         url: "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-279.yaml",
      },
      {
         type: "WEB",
         url: "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-314.yaml",
      },
      {
         type: "WEB",
         url: "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-122.yaml",
      },
      {
         type: "PACKAGE",
         url: "https://github.com/tensorflow/tensorflow",
      },
      {
         type: "WEB",
         url: "https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
         type: "CVSS_V3",
      },
      {
         score: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
         type: "CVSS_V4",
      },
   ],
   summary: "Denial of Service in Tensorflow",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

pysec-2020-122

Vulnerability from pysec

cve-2020-15199

Vulnerability from cvelistv5

ghsa-x5cp-9pcf-pp3h

Vulnerability from github

Impact

Patches

For more information

Attribution

Tags

Sightings

Nomenclature