| Vulnerability Name: | CVE-2020-15213 (CCN-188972) | ||||||||||||
| Assigned: | 2020-06-25 | ||||||||||||
| Published: | 2020-06-25 | ||||||||||||
| Updated: | 2021-11-18 | ||||||||||||
| Summary: | In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor, attackers can use a very large value to trigger a large allocation. The issue is patched in commit 204945b19e44b57906c9344c0d00120eeeae178a and is released in TensorFlow versions 2.2.1, or 2.3.1. A potential workaround would be to add a custom `Verifier` to limit the maximum value in the segment ids tensor. This only handles the case when the segment ids are stored statically in the model, but a similar validation could be done if the segment ids are generated at runtime, between inference steps. However, if the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code. | ||||||||||||
| CVSS v3 Severity: | 4.0 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L) 3.5 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:O/RC:C)
3.5 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
| ||||||||||||
| Vulnerability Type: | CWE-770 | ||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2020-15213 Source: XF Type: UNKNOWN tensorflow-cve202015213-dos(188972) Source: MISC Type: Patch, Third Party Advisory https://github.com/tensorflow/tensorflow/commit/204945b19e44b57906c9344c0d00120eeeae178a Source: MISC Type: Third Party Advisory https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1 Source: CCN Type: TensorFlow Lite GIT Repository Denial of service from TFLite implementation of segment sum Source: CONFIRM Type: Exploit, Third Party Advisory https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hjmq-236j-8m87 Source: CCN Type: IBM Security Bulletin 6357195 (Watson Machine Learning Community Edition) Numerous CVE entires for TensorFlow in Watson Machine Learning Community Edition Source: CCN Type: IBM Security Bulletin 6364979 (Watson Discovery) IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in TensorFlow Source: CCN Type: IBM Security Bulletin 6434211 (Watson Machine Learning) Tensor Flow security vulnerabilities on IBM Watson Machine Learning on CP4D Source: CCN Type: IBM Security Bulletin 6445773 (Watson Machine Learning Server on-prem) Tensor Flow security vulnerabilities on IBM Watson Machine Learning Server Source: CCN Type: WhiteSource Vulnerability Database CVE-2020-15213 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||