CVE-2020-15203
Denial of Service in TensorFlow
In short
A flaw in TensorFlow's string formatting function allows attackers to crash the application by injecting malicious format strings. This causes the program to stop working (denial of service).
Technical detail
A format string vulnerability exists in tf.strings.as_string() where the `fill` parameter is improperly sanitized before being used in a printf-style call. An attacker who can control this parameter can trigger memory corruption leading to segmentation faults and denial of service. The vulnerability affects TensorFlow versions prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1.
Summary generated and translated by AI from the official description.
In TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format used in a `printf` call is constructed. This may result in a segmentation fault. The issue is patched in commit 33be22c65d86256e6826666662e40dbdfe70ee83, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
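The following C sketch is an added example, not TensorFlow's code or its patch: it shows how a `printf` format assembled from a caller-supplied `fill` can be kept safe by accepting at most one character taken from printf's flag set. The function names, buffer sizes and the allow-list are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Added example (hypothetical names): `fill` is treated as untrusted input
 * that ends up inside a printf format string. */

/* Allow-list: the only characters printf accepts as flags. */
static int is_printf_flag(char c) {
    return c != '\0' && strchr(" +-0#", c) != NULL;
}

/* Writes e.g. "%08.3f" into out. Returns 0 on success, -1 on rejected input. */
int build_format(char *out, size_t out_len, const char *fill,
                 int width, int precision) {
    size_t fill_len = fill ? strlen(fill) : 0;
    if (fill_len > 1) return -1;                 /* at most one character */
    if (fill_len == 1 && !is_printf_flag(fill[0])) return -1;
    if (width < -1 || precision < -1) return -1; /* -1 means "not set" */

    char w[16] = "", p[16] = "";
    if (width >= 0) snprintf(w, sizeof w, "%d", width);
    if (precision >= 0) snprintf(p, sizeof p, ".%d", precision);
    int n = snprintf(out, out_len, "%%%s%s%sf", fill_len ? fill : "", w, p);
    return (n < 0 || (size_t)n >= out_len) ? -1 : 0;
}

/* Formats value using only a validated format. Returns 0 or -1. */
int format_double(char *out, size_t out_len, double value,
                  const char *fill, int width, int precision) {
    char fmt[48];
    if (build_format(fmt, sizeof fmt, fill, width, precision) != 0) return -1;
    int n = snprintf(out, out_len, fmt, value);
    return (n < 0 || (size_t)n >= out_len) ? -1 : 0;
}

int main(void) {
    char buf[64];
    if (format_double(buf, sizeof buf, 3.14159, "0", 8, 3) == 0)
        printf("%s\n", buf);
    /* Constructed input: a fill that carries its own conversion is refused. */
    if (format_double(buf, sizeof buf, 3.14159, "%d", 8, 3) != 0)
        printf("rejected fill\n");
    return 0;
}
```

The caller-supplied value never reaches the format string unless it passes the allow-list, so the number of conversions in the format always matches the single argument passed.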
Affected products
tensorflow · tensorflow
References
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html
https://github.com/tensorflow/tensorflow/commit/33be22c65d86256e6826666662e40dbdfe70ee83
https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xmq7-7fxm-rr79