Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 749372 (CVE-2020-15190, CVE-2020-15191, CVE-2020-15192, CVE-2020-15193, CVE-2020-15194, CVE-2020-15195, CVE-2020-15196, CVE-2020-15197, CVE-2020-15198, CVE-2020-15199, CVE-2020-15200, CVE-2020-15201, CVE-2020-15202, CVE-2020-15203, CVE-2020-15204, CVE-2020-15205, CVE-2020-15206, CVE-2020-15207, CVE-2020-15208, CVE-2020-15209, CVE-2020-15210, CVE-2020-15211) - sci-libs/tensorflow: Multiple vulnerabilities (CVE-2020-{15190,15191,15192,15193,15194,15195,15196,15197,15198,15199,15200,15201,15202,15203,15204,15205,15206,15207,15208,15209,15210,15211})
Summary: sci-libs/tensorflow: Multiple vulnerabilities (CVE-2020-{15190,15191,15192,15...
Status: RESOLVED FIXED
Alias: CVE-2020-15190, CVE-2020-15191, CVE-2020-15192, CVE-2020-15193, CVE-2020-15194, CVE-2020-15195, CVE-2020-15196, CVE-2020-15197, CVE-2020-15198, CVE-2020-15199, CVE-2020-15200, CVE-2020-15201, CVE-2020-15202, CVE-2020-15203, CVE-2020-15204, CVE-2020-15205, CVE-2020-15206, CVE-2020-15207, CVE-2020-15208, CVE-2020-15209, CVE-2020-15210, CVE-2020-15211
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL: https://github.com/tensorflow/tensorf...
Whiteboard: ~2 [ebuild]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-10-16 02:50 UTC by John Helmert III (ajak)
Modified: 2020-12-06 20:43 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III (ajak) gentoo-dev Security 2020-10-16 02:50:36 UTC
Versions 2.1.2, 2.2.1, and 2.3.1 all fix security problems:

Fixes an undefined behavior causing a segfault in tf.raw_ops.Switch (CVE-2020-15190)
Fixes three vulnerabilities in conversion to DLPack format (CVE-2020-15191, CVE-2020-15192, CVE-2020-15193)
Fixes two vulnerabilities in SparseFillEmptyRowsGrad (CVE-2020-15194, CVE-2020-15195)
Fixes an integer truncation vulnerability in code using the work sharder API (CVE-2020-15202)
Fixes a format string vulnerability in tf.strings.as_string (CVE-2020-15203)
Fixes segfault raised by calling session-only ops in eager mode (CVE-2020-15204)
Fixes data leak and potential ASLR violation from tf.raw_ops.StringNGrams (CVE-2020-15205)
Fixes segfaults caused by incomplete SavedModel validation (CVE-2020-15206)
Fixes a data corruption due to a bug in negative indexing support in TFLite (CVE-2020-15207)
Fixes a data corruption due to dimension mismatch in TFLite (CVE-2020-15208)
Fixes several vulnerabilities in TFLite saved model format (CVE-2020-15209, CVE-2020-15210, CVE-2020-15211)
Fixes several vulnerabilities in TFLite implementation of segment sum (CVE-2020-15212, CVE-2020-15213, CVE-2020-15214)
Updates sqlite3 to 3.33.00 to handle CVE-2020-9327, CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13871, and CVE-2020-15358.

2.3.1 fixes these additional issues:

Fixes several vulnerabilities in RaggedCountSparseOutput and SparseCountSparseOutput operations (CVE-2020-15196, CVE-2020-15197, CVE-2020-15198, CVE-2020-15199, CVE-2020-15200, CVE-2020-15201)


Several of these produce memory corruption significant enough that code execution could be possible. Maintainer, please update or drop the 2.1 and 2.2 branches. Thanks!
Comment 1 Jason Zaman gentoo-dev 2020-12-06 20:43:10 UTC
Dropped 2.1 and 2.2 in commit 1d9c9b3b10855f887037aebbc422765c3c5a0a22