Platform
python
Component
tensorflow
Fixed in
1.15
1.15.0
CVE-2019-16778 identifies a buffer overflow vulnerability within TensorFlow, specifically in the UnsortedSegmentSum function. This flaw arises from a truncation issue when handling data sizes, potentially allowing for out-of-bounds memory access. The vulnerability affects TensorFlow versions 1.9.0 and earlier, but has been internally detected and fixed. Users are advised to upgrade to TensorFlow 1.15.0 or later.
The buffer overflow in UnsortedSegmentSum stems from the truncation of the data_size and num_segments values from int64 to int32, which can turn large but valid values into negative ones. These negative values then cause the kernel to access memory outside of the allocated heap buffer. While the vulnerability is considered unlikely to be directly exploitable, successful exploitation could lead to a denial-of-service (DoS) condition or, in a more complex scenario, potentially allow arbitrary code execution. The internal detection and fix indicate a low risk of active exploitation, but updating remains a best practice.
This vulnerability was detected and fixed internally by the TensorFlow team, suggesting a low probability of active exploitation. There are no known public exploits or active campaigns targeting this specific flaw. The vulnerability was disclosed publicly on December 16, 2019. It is not currently listed on the CISA KEV catalog.
Organizations and individuals using TensorFlow versions 1.9.0 and earlier, particularly those deploying TensorFlow in production environments or processing sensitive data, are at risk. Systems with custom TensorFlow builds or integrations should be carefully reviewed to ensure they are not vulnerable.
• python / tensorflow: Inspect TensorFlow code for usage of UnsortedSegmentSum with potentially truncated int64 inputs. Monitor TensorFlow logs for memory access errors or crashes.
import tensorflow as tf

INT32_MAX = 2**31 - 1

# Example: check that data_size and num_segments fit in int32 before calling
# tf.math.unsorted_segment_sum. An unpatched kernel narrows both values from
# int64 to int32, so a large but valid value wraps to a negative one.
def check_sizes(data_size, num_segments):
    for name, value in (("data_size", data_size), ("num_segments", num_segments)):
        value = int(value.numpy()) if tf.is_tensor(value) else int(value)  # eager tensor or Python int
        if value < 0 or value > INT32_MAX:
            print(f"Potential vulnerability: {name}={value} is negative or exceeds int32")
Disclosure
Exploit Status
EPSS
0.33% (56th percentile)
CVSS vector
The primary mitigation for CVE-2019-16778 is to upgrade to TensorFlow version 1.15.0 or later, where the vulnerability has been addressed. If upgrading is not immediately feasible, consider implementing runtime checks to validate data_size and num_segments before passing them to UnsortedSegmentSum. A WAF or proxy is unlikely to mitigate this vulnerability directly, but isolating and monitoring the TensorFlow environment can help detect anomalous behavior. After upgrading, confirm the fix by running TensorFlow code that uses UnsortedSegmentSum and verifying that no out-of-bounds memory access errors occur.
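As an added illustration (not code from the advisory or from the TensorFlow project), the pure-Python snippet below emulates the int64 to int32 narrowing described above and implements the pre-call size check the mitigation recommends. It assumes data_size is the element count of the data tensor; the shapes and segment counts used are constructed samples.

```python
import math

INT32_MAX = 2**31 - 1


def truncate_to_int32(value: int) -> int:
    """Emulate a C-style int64 -> int32 narrowing (two's complement wrap)."""
    return ((value + 2**31) % 2**32) - 2**31


def data_size_from_shape(shape) -> int:
    """Element count of a tensor with this shape (assumed to be the kernel's data_size)."""
    return math.prod(shape) if len(shape) else 0


def kernel_view(shape, num_segments: int) -> dict:
    """Sizes an unpatched, truncating kernel would work with for these inputs."""
    return {
        "data_size": truncate_to_int32(data_size_from_shape(shape)),
        "num_segments": truncate_to_int32(num_segments),
    }


def check_segment_args(shape, num_segments: int) -> list:
    """Problems to reject before calling unsorted_segment_sum on an unpatched
    TensorFlow; an empty list means both sizes survive int32 narrowing intact."""
    problems = []
    sizes = {"data_size": data_size_from_shape(shape), "num_segments": num_segments}
    for name, value in sizes.items():
        if value < 0:
            problems.append(f"{name}={value} is negative")
        elif value > INT32_MAX:
            problems.append(
                f"{name}={value} exceeds int32 and would truncate to {truncate_to_int32(value)}"
            )
    return problems


if __name__ == "__main__":
    # Constructed samples: 2**20 x (2**11 + 1) elements exceed INT32_MAX and wrap
    # negative; 2**20 x 2**12 elements equal 2**32 and wrap to 0.
    print(kernel_view((2**20, 2**12), 2**31))
    print(check_segment_args((2**20, 2**11 + 1), 3))
    print(check_segment_args((4, 8), 3))
```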
Update TensorFlow to version 1.15 or later. This fixes the heap buffer overflow vulnerability. Upgrading to the latest stable version is recommended to obtain the latest security fixes.
CVE-2019-16778 is a buffer overflow vulnerability in TensorFlow versions 1.9.0 and earlier, stemming from a truncation issue that can lead to out-of-bounds memory access. It has a LOW severity rating.
You are affected if you are using TensorFlow version 1.9.0 or earlier. Upgrade to version 1.15.0 or later to resolve the vulnerability.
The recommended fix is to upgrade to TensorFlow version 1.15.0 or later. If upgrading is not possible, implement runtime checks to validate data sizes.
There are no known public exploits or active campaigns targeting CVE-2019-16778, but updating remains a best practice.
Refer to the TensorFlow security advisory for details: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5g78-6c33-499x