Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 749372 (CVE-2020-15190, CVE-2020-15191, CVE-2020-15192, CVE-2020-15193, CVE-2020-15194, CVE-2020-15195, CVE-2020-15196, CVE-2020-15197, CVE-2020-15198, CVE-2020-15199, CVE-2020-15200, CVE-2020-15201, CVE-2020-15202, CVE-2020-15203, CVE-2020-15204, CVE-2020-15205, CVE-2020-15206, CVE-2020-15207, CVE-2020-15208, CVE-2020-15209, CVE-2020-15210, CVE-2020-15211) - sci-libs/tensorflow: Multiple vulnerabilities (CVE-2020-{15190,15191,15192,15193,15194,15195,15196,15197,15198,15199,15200,15201,15202,15203,15204,15205,15206,15207,15208,15209,15210,15211})
Summary: sci-libs/tensorflow: Multiple vulnerabilities (CVE-2020-{15190,15191,15192,15...
Status: RESOLVED FIXED
Alias: CVE-2020-15190, CVE-2020-15191, CVE-2020-15192, CVE-2020-15193, CVE-2020-15194, CVE-2020-15195, CVE-2020-15196, CVE-2020-15197, CVE-2020-15198, CVE-2020-15199, CVE-2020-15200, CVE-2020-15201, CVE-2020-15202, CVE-2020-15203, CVE-2020-15204, CVE-2020-15205, CVE-2020-15206, CVE-2020-15207, CVE-2020-15208, CVE-2020-15209, CVE-2020-15210, CVE-2020-15211
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial
Assignee: Gentoo Security
URL: https://github.com/tensorflow/tensorf...
Whiteboard: ~2 [ebuild]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-10-16 02:50 UTC by John Helmert III
Modified: 2020-12-06 20:43 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2020-10-16 02:50:36 UTC 
Versions 2.1.2, 2.2.1, and 2.3.1 all fix security problems:

Fixes an undefined behavior causing a segfault in tf.raw_ops.Switch (CVE-2020-15190)
Fixes three vulnerabilities in conversion to DLPack format (CVE-2020-15191, CVE-2020-15192, CVE-2020-15193)
Fixes two vulnerabilities in SparseFillEmptyRowsGrad (CVE-2020-15194, CVE-2020-15195)
Fixes an integer truncation vulnerability in code using the work sharder API (CVE-2020-15202)
Fixes a format string vulnerability in tf.strings.as_string (CVE-2020-15203)
Fixes segfault raised by calling session-only ops in eager mode (CVE-2020-15204)
Fixes data leak and potential ASLR violation from tf.raw_ops.StringNGrams (CVE-2020-15205)
Fixes segfaults caused by incomplete SavedModel validation (CVE-2020-15206)
Fixes a data corruption due to a bug in negative indexing support in TFLite (CVE-2020-15207)
Fixes a data corruption due to dimension mismatch in TFLite (CVE-2020-15208)
Fixes several vulnerabilities in TFLite saved model format (CVE-2020-15209, CVE-2020-15210, CVE-2020-15211)
Fixes several vulnerabilities in TFLite implementation of segment sum (CVE-2020-15212, CVE-2020-15213, CVE-2020-15214)
Updates sqlite3 to 3.33.00 to handle CVE-2020-9327, CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13871, and CVE-2020-15358.

2.3.1 fixes these additional issues:

Fixes several vulnerabilities in RaggedCountSparseOutput and SparseCountSparseOutput operations (CVE-2020-15196, CVE-2020-15197, CVE-2020-15198, CVE-2020-15199, CVE-2020-15200, CVE-2020-15201)


Several of these produce memory corruption significant enough that code execution could be possible. Maintainer, please update or drop the 2.1 and 2.2 branches. Thanks!
Comment 1 Jason Zaman gentoo-dev 2020-12-06 20:43:10 UTC 
Dropped 2.1 and 2.2 in commit 1d9c9b3b10855f887037aebbc422765c3c5a0a22