// For flags

CVE-2020-15206

Denial of Service in Tensorflow

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using `tensorflow-serving` or other inference-as-a-service installments. Fixed were added in commits f760f88b4267d981e13f4b302c437ae800445968 and fcfef195637c6e365577829c4d67681695956e7d (both going into TensorFlow 2.2.0 and 2.3.0 but not yet backported to earlier versions). However, this was not enough, as #41097 reports a different failure mode. The issue is patched in commit adf095206f25471e864a8e63a0f1caef53a0e3a6, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

En Tensorflow versiones anteriores a 1.15.4, 2.0.3, 2.1.2, 2.2.1 y 2.3.1, cambiar el búfer del protocolo "SavedModel" de TensorFlow y alterar el nombre de las claves requeridas resulta en fallos de segmentación y una corrupción de los datos mientras se carga el modelo. Esto puede causar una denegación de servicio en productos que usan "tensorflow-serve" u otras cuotas de inferencia como un servicio. Los arreglos se agregaron en las commits f760f88b4267d981e13f4b302c437ae800445968 y fcfef195637c6e365577829c4d67681695956e7d (ambas en TensorFlow versiones 2.2.0 y 2.3.0 pero aún no se han actualizado a versiones anteriores). Sin embargo, esto no fue suficiente, ya que #41097 reporta un modo de fallo diferente. El problema es parcheado en el commit adf095206f25471e864a8e63a0f1caef53a0e3a6, y es publicado en TensorFlow versiones 1.15.4, 2.0.3, 2.1.2, 2.2.1 o 2.3.1

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-06-25 CVE Reserved
  • 2020-09-25 CVE Published
  • 2024-03-17 EPSS Updated
  • 2024-08-04 CVE Updated
  • 2024-08-04 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Google
Search vendor "Google"
Tensorflow
Search vendor "Google" for product "Tensorflow"
< 1.15.4
Search vendor "Google" for product "Tensorflow" and version " < 1.15.4"
-
Affected
Google
Search vendor "Google"
Tensorflow
Search vendor "Google" for product "Tensorflow"
>= 2.0.0 < 2.0.3
Search vendor "Google" for product "Tensorflow" and version " >= 2.0.0 < 2.0.3"
-
Affected
Google
Search vendor "Google"
Tensorflow
Search vendor "Google" for product "Tensorflow"
>= 2.1.0 < 2.1.2
Search vendor "Google" for product "Tensorflow" and version " >= 2.1.0 < 2.1.2"
-
Affected
Google
Search vendor "Google"
Tensorflow
Search vendor "Google" for product "Tensorflow"
>= 2.2.0 < 2.2.1
Search vendor "Google" for product "Tensorflow" and version " >= 2.2.0 < 2.2.1"
-
Affected
Google
Search vendor "Google"
Tensorflow
Search vendor "Google" for product "Tensorflow"
>= 2.3.0 < 2.3.1
Search vendor "Google" for product "Tensorflow" and version " >= 2.3.0 < 2.3.1"
-
Affected
Opensuse
Search vendor "Opensuse"
Leap
Search vendor "Opensuse" for product "Leap"
15.2
Search vendor "Opensuse" for product "Leap" and version "15.2"
-
Affected