SB2021010712 - Multiple vulnerabilities in TensorFlow

Description

This security bulletin contains information about 9 secuirty vulnerabilities.

1) Use of uninitialized resource (CVE-ID: CVE-2020-26266)

The vulnerability allows a local user to bypass certain security restrictions.

The vulnerability exists due to usage of uninitialized resources in Eigen. Under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen.

2) Out-of-bounds read (CVE-ID: CVE-2020-26267)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the the tf.raw_ops.DataFormatVecPermute API when processing the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. A local user can run a specially crafted program to trigger out-of-bounds read error and read contents of memory on the system.

3) Resource management error (CVE-ID: CVE-2020-26268)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application. The tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the memory area. If the file is too small, TensorFlow properly returns an error as the memory area has fewer bytes than what is needed for the tensor it creates. However, as soon as there are enough bytes, the above snippet causes a segmentation fault.

4) Input validation error (CVE-ID: CVE-2020-26270)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation when processing an input with zero-length within the the LSTM/GRU layer. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.

The vulnerability affects TensorFlow running an LSTM/GRU model.

5) Use of uninitialized resource (CVE-ID: CVE-2020-26271)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to usage of uninitialized resources. Under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src node (given by output_index) and the input slot of the dst node (given by input_index). This is only possible if the types of the tensors on both sides coincide, so the function begins by obtaining the corresponding DataType values and comparing these for equality. However, there is no check that the indices point to inside of the arrays they index into. Thus, this can result in accessing data out of bounds of the corresponding heap allocated arrays. In most scenarios, this can manifest as unitialized data access, but if the index points far away from the boundaries of the arrays this can be used to leak addresses from the library.

6) Out-of-bounds read (CVE-ID: CVE-2020-13790)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file. A remote attacker can perform a denial of service attack.

7) Insecure Temporary File (CVE-ID: CVE-2020-15250)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the application is using the test rule TemporaryFolder that stores sensitive information in temporary files in the system temporary directory, accessible by other system users. A local user can read temporary files and obtain sensitive information, related to the application.

8) Out-of-bounds read (CVE-ID: CVE-2019-20838)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and X or R has more than one fixed quantifier, a related issue to CVE-2019-20454.

9) Integer overflow (CVE-ID: CVE-2020-14155)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow. A remote attacker can pass a large number after a (?C substring, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

• https://github.com/tensorflow/tensorflow/releases/tag/v2.3.2
• https://github.com/tensorflow/tensorflow/releases/tag/v2.2.2
• https://github.com/tensorflow/tensorflow/releases/tag/v2.1.3
• https://github.com/tensorflow/tensorflow/releases/tag/v2.0.4
• https://github.com/tensorflow/tensorflow/releases/tag/v1.15.5