Loading HuntDB...

CVE-2020-15208

HIGH
Published 2020-09-25T18:45:40
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2020-15208. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
7.4
/10
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.003
probability
of exploitation in the wild

There is a 0.3% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.553
Higher than 55.3% of all CVEs

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Description

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can craft cases where this is larger than that of the second tensor. In turn, this would result in reads/writes outside of bounds since the interpreter will wrongly assume that there is enough data in both tensors. The issue is patched in commit 8ee24e7949a203d234489f9da2c5bf45a7d5157d, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed HIGH

Data corruption in tensorflow-lite

GHSA-mxjj-953w-2c2v

Advisory Details

### Impact When determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/types.h#L437-L442 Since the function always returns the dimension of the first tensor, malicious attackers can craft cases where this is larger than that of the second tensor. In turn, this would result in reads/writes outside of bounds since the interpreter will wrongly assume that there is enough data in both tensors. ### Patches We have patched the issue in 8ee24e7949a20 and will release patch releases for all versions between 1.15 and 2.3. We recommend users to upgrade to TensorFlow 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1. ### For more information Please consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions. ### Attribution This vulnerability has been reported by members of the Aivul Team from Qihoo 360.

Affected Packages

PyPI tensorflow
ECOSYSTEM: ≥0 <1.15.4
PyPI tensorflow
ECOSYSTEM: ≥2.0.0 <2.0.3
PyPI tensorflow
ECOSYSTEM: ≥2.1.0 <2.1.2
PyPI tensorflow
ECOSYSTEM: ≥2.2.0 <2.2.1
PyPI tensorflow
ECOSYSTEM: ≥2.3.0 <2.3.1
PyPI tensorflow-cpu
ECOSYSTEM: ≥0 <1.15.4
PyPI tensorflow-cpu
ECOSYSTEM: ≥2.0.0 <2.0.3
PyPI tensorflow-cpu
ECOSYSTEM: ≥2.1.0 <2.1.2
PyPI tensorflow-cpu
ECOSYSTEM: ≥2.2.0 <2.2.1
PyPI tensorflow-cpu
ECOSYSTEM: ≥2.3.0 <2.3.1
PyPI tensorflow-gpu
ECOSYSTEM: ≥0 <1.15.4
PyPI tensorflow-gpu
ECOSYSTEM: ≥2.0.0 <2.0.3
PyPI tensorflow-gpu
ECOSYSTEM: ≥2.1.0 <2.1.2
PyPI tensorflow-gpu
ECOSYSTEM: ≥2.2.0 <2.2.1
PyPI tensorflow-gpu
ECOSYSTEM: ≥2.3.0 <2.3.1

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Advisory provided by GitHub Security Advisory Database. Published: September 25, 2020, Modified: October 30, 2024

References

Published: 2020-09-25T18:45:40
Last Modified: 2024-08-04T13:08:22.832Z
Copied to clipboard!