CVE-2020-15214: Out of bounds write in tensorflow-lite
(updated )
In TensorFlow Lite models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the dimensionality of output tensor: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/segment_sum.cc#L39-L44
This results in allocating insufficient memory for the output tensor and in a write outside the bounds of the output array: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/reference/reference_ops.h#L2625-L2631
This usually results in a segmentation fault, but depending on runtime conditions it can provide for a write gadget to be used in future memory corruption-based exploits.
References
- github.com/advisories/GHSA-p2cq-cprg-frvm
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-294.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-329.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-137.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/reference/reference_ops.h
- github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/segment_sum.cc
- github.com/tensorflow/tensorflow/commit/00c7ed7ce81c2126ebc17dfe7073b5c0efd5ec0a
- github.com/tensorflow/tensorflow/commit/204945b19e44b57906c9344c0d00120eeeae178a
- github.com/tensorflow/tensorflow/commit/a4030d8ba3692c438997c27be2dd95f3d5f54827
- github.com/tensorflow/tensorflow/releases/tag/v2.3.1
- github.com/tensorflow/tensorflow/security/advisories/GHSA-p2cq-cprg-frvm
- nvd.nist.gov/vuln/detail/CVE-2020-15214
Detect and mitigate CVE-2020-15214 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →