CVE-2020-15194 — MEDIUM (5.3)

Q: How severe is CVE-2020-15194?

CVE-2020-15194 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-15194?

Check the references section above for vendor advisories and patch information. Affected products include: Google Tensorflow, Opensuse Leap.

Vulnerability Description

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `SparseFillEmptyRowsGrad` implementation has incomplete validation of the shapes of its arguments. Although `reverse_index_map_t` and `grad_values_t` are accessed in a similar pattern, only `reverse_index_map_t` is validated to be of proper shape. Hence, malicious users can pass a bad `grad_values_t` to trigger an assertion failure in `vec`, causing denial of service in serving installations. The issue is patched in commit 390611e0d45c5793c7066110af37c8514e6a6c54, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1."

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Google	Tensorflow	< 1.15.4
Opensuse	Leap	15.2

Related Weaknesses (CWE)

CWE-20 CWE-617

References

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.htmlMailing ListThird Party Advisory
https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c851PatchThird Party Advisory
https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1Release NotesThird Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9mqp-7v2h-2382ExploitPatchThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.htmlMailing ListThird Party Advisory
https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c851PatchThird Party Advisory
https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1Release NotesThird Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9mqp-7v2h-2382ExploitPatchThird Party Advisory

FAQ

What is CVE-2020-15194?

CVE-2020-15194 is a vulnerability with a CVSS score of 5.3 (MEDIUM). In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `SparseFillEmptyRowsGrad` implementation has incomplete validation of the shapes of its arguments. Although `reverse_index_map_...

How severe is CVE-2020-15194?

CVE-2020-15194 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-15194?

Check the references section above for vendor advisories and patch information. Affected products include: Google Tensorflow, Opensuse Leap.