cve/CVE-2020-28975.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

** DISPUTED ** svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced via pickle, json, or any other model permanence standard) with a large value in the _n_support array. NOTE: the scikit-learn vendor's position is that the behavior can only occur if the library's API is violated by an application that changes a private attribute.

POC

Reference

http://packetstormsecurity.com/files/160281/SciKit-Learn-0.23.2-Denial-Of-Service.html
http://packetstormsecurity.com/files/160281/SciKit-Learn-0.23.2-Denial-Of-Service.html
https://github.com/scikit-learn/scikit-learn/issues/18891
https://github.com/scikit-learn/scikit-learn/issues/18891

Github

https://github.com/Live-Hack-CVE/CVE-2020-28975

1.2 KiB Raw Blame History

CVE-2020-28975

Description

POC

Reference

Github

1.2 KiB

Raw Blame History