CVE-2020-15265

In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808	Patch Third Party Advisory
https://github.com/tensorflow/tensorflow/issues/42105	Patch Third Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c	Exploit Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*

History

17 Aug 2021, 13:21

Type	Values Removed	Values Added
CPE	cpe:2.3:a:tensorflow:tensorflow:::::-:::*	cpe:2.3:a:google:tensorflow:::::-:::*

Information

Published : 2020-10-21 21:15

Updated : 2023-12-10 13:41

NVD link : CVE-2020-15265

Mitre link : CVE-2020-15265

CVE.ORG link : CVE-2020-15265

JSON object : View

Products Affected

google

tensorflow

CWE

CWE-125

Out-of-bounds Read

{"id": "CVE-2020-15265", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2020-10-21T21:15:12.257", "references": [{"url": "https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/tensorflow/tensorflow/issues/42105", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved."}, {"lang": "es", "value": "En Tensorflow versiones anteriores a 2.4.0, un atacante puede pasar un valor de \"axis\" no v\u00e1lido a la funci\u00f3n \"tf.quantization.quantize_and_dequantize\". Esto resulta en el acceso a una dimensi\u00f3n fuera del rango del tensor de entrada en la implementaci\u00f3n del kernel de C++. Sin embargo, dim_size solo hace un DCHECK para comprobar el argumento y luego lo usa para acceder al elemento correspondiente de una matriz. Dado que en las compilaciones normales, las macros similares a \"DCHECK\" no son operativas, esto resulta en un fallo de segmentaci\u00f3n y un acceso fuera de los l\u00edmites de la matriz. El problema est\u00e1 parcheado en eccb7ec454e6617738554a255d77f08e60ee0808 y TensorFlow versi\u00f3n 2.4.0 se publicar\u00e1 con el parche. Los paquetes nocturnos de TensorFlow despu\u00e9s de esta confirmaci\u00f3n tambi\u00e9n resolver\u00e1n el problema"}], "lastModified": "2021-08-17T13:21:09.770", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "837BA051-B044-46A7-BCDF-81785C1E1FF9", "versionEndExcluding": "2.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}