Login Sign Up

CVE-2020-15214

8.1 HIGH

📋 TL;DR

This vulnerability in TensorFlow Lite allows memory corruption when processing models with unsorted segment IDs in segment sum operations. It affects users running TensorFlow Lite versions before 2.2.1 or 2.3.1, potentially leading to crashes or remote code execution.

💻 Affected Systems

Products:
  • TensorFlow Lite
Versions: All versions before 2.2.1 and 2.3.1
Operating Systems: All platforms running TensorFlow Lite
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects models using segment sum operations with unsorted segment IDs. The vulnerability is present in the core TensorFlow Lite library.

📦 What is this software?

Tensorflow by Google

View all CVEs affecting Tensorflow →

Tensorflow by Google

View all CVEs affecting Tensorflow →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise if an attacker can supply malicious models and leverage the memory corruption as a write gadget.

🟠

Likely Case

Application crashes (segmentation faults) causing denial of service when processing malformed models.

🟢

If Mitigated

No impact if patched versions are used or if custom validation ensures segment IDs are sorted before processing.

🌐 Internet-Facing: HIGH if models can be uploaded or supplied by untrusted sources via APIs or web interfaces.
🏢 Internal Only: MEDIUM if models are only processed internally from trusted sources, but still vulnerable to insider threats or supply chain attacks.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting or modifying models with unsorted segment IDs. The advisory mentions it could provide a write gadget for memory corruption exploits, but no public exploits have been documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: TensorFlow 2.2.1 or 2.3.1

Vendor Advisory: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-p2cq-cprg-frvm

Restart Required: No

Instructions:

1. Upgrade TensorFlow to version 2.2.1 or 2.3.1 or later. 2. Update dependencies in your project to use the patched version. 3. Rebuild and redeploy applications using TensorFlow Lite.

🔧 Temporary Workarounds

Add custom segment ID validation

all

Implement a custom verifier to check that segment IDs are sorted before processing models, but only works for statically stored segment IDs.

Implement validation in model loading code: verify segment_ids tensor is sorted in increasing order before passing to segment sum operations.

🧯 If You Can't Patch

  • Implement runtime validation of segment IDs between inference steps if they are generated dynamically.
  • Restrict model sources to trusted providers only and validate all incoming models before processing.

🔍 How to Verify

Check if Vulnerable:

Check TensorFlow version: if using TensorFlow Lite and version is below 2.2.1 or 2.3.1, you are vulnerable.

Check Version:

python -c "import tensorflow as tf; print(tf.__version__)"

Verify Fix Applied:

Verify TensorFlow version is 2.2.1, 2.3.1, or later after upgrade.

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault logs from TensorFlow Lite processes
  • Application crashes when processing models with segment sum operations

Network Indicators:

  • Unusual model uploads or requests to model processing endpoints

SIEM Query:

search for 'segmentation fault' AND 'tensorflow' in application logs

📊 Metadata

CVE ID: CVE-2020-15214
CVSS v3 Score: 8.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H
CWE: CWE-787
Published: September 25, 2020
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-15214, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)
CVE-2020-14871 10.0

This is a critical buffer overflow vulnerability (CWE-787) in Oracle Solaris's Pluggable Authenticat...

Same vulnerability type (CWE-787)