CVE-2020-15206: Denial of Service in Tensorflow
(updated )
Changing the TensorFlow’s SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-serving or other inference-as-a-service installments.
We have added fixes to this in f760f88b4267d981e13f4b302c437ae800445968 and fcfef195637c6e365577829c4d67681695956e7d (both going into TensorFlow 2.2.0 and 2.3.0 but not yet backported to earlier versions). However, this was not enough, as #41097 reports a different failure mode.
References
- github.com/advisories/GHSA-w5gh-2wr2-pm6g
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-286.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-321.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-129.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/commit/adf095206f25471e864a8e63a0f1caef53a0e3a6
- github.com/tensorflow/tensorflow/commit/f760f88b4267d981e13f4b302c437ae800445968
- github.com/tensorflow/tensorflow/commit/fcfef195637c6e365577829c4d67681695956e7d
- github.com/tensorflow/tensorflow/releases/tag/v2.3.1
- github.com/tensorflow/tensorflow/security/advisories/GHSA-w5gh-2wr2-pm6g
- nvd.nist.gov/vuln/detail/CVE-2020-15206
Detect and mitigate CVE-2020-15206 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →