CVE-2020-15212: Out of bounds access in tensorflow-lite
(updated )
In TensorFlow Lite models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/reference/reference_ops.h#L2625-L2631
Users having access to segment_ids_data can alter output_index and then write to outside of output_data buffer.
This might result in a segmentation fault but it can also be used to further corrupt the memory and can be chained with other vulnerabilities to create more advanced exploits.
References
- github.com/advisories/GHSA-hx2x-85gr-wrpq
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-292.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-327.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-135.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/reference/reference_ops.h
- github.com/tensorflow/tensorflow/commit/00c7ed7ce81c2126ebc17dfe7073b5c0efd5ec0a
- github.com/tensorflow/tensorflow/commit/204945b19e44b57906c9344c0d00120eeeae178a
- github.com/tensorflow/tensorflow/commit/a4030d8ba3692c438997c27be2dd95f3d5f54827
- github.com/tensorflow/tensorflow/releases/tag/v2.3.1
- github.com/tensorflow/tensorflow/security/advisories/GHSA-hx2x-85gr-wrpq
- nvd.nist.gov/vuln/detail/CVE-2020-15212
Code Behaviors & Features
Detect and mitigate CVE-2020-15212 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →