From d095d362567f96fa450de06d612f12e1b9034df9 Mon Sep 17 00:00:00 2001
From: Robert Schultheis
Date: Mon, 16 Dec 2019 13:12:32 -0700
Subject: [PATCH] add CVE-2019-16778 for GHSA-844w-j86r-4x2j
---
2019/16xxx/CVE-2019-16778.json | 95 ++++++++++++++++++++++++++++++++++
1 file changed, 95 insertions(+)
create mode 100644 2019/16xxx/CVE-2019-16778.json
diff --git a/2019/16xxx/CVE-2019-16778.json b/2019/16xxx/CVE-2019-16778.json
new file mode 100644
index 00000000000..d187956c13b
--- /dev/null
+++ b/2019/16xxx/CVE-2019-16778.json
@@ -0,0 +1,95 @@
+{
+ "CVE_data_meta": {
+ "ASSIGNER": "security-advisories@github.com",
+ "ID": "CVE-2019-16778",
+ "STATE": "PUBLIC",
+ "TITLE": "Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "tensorflow",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "< 1.15",
+ "version_value": "1.15"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "tensorflow"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case data_size and num_segments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory.\n\nThis is unlikely to be exploitable and was detected and fixed internally in TensorFlow 1.15 and 2.0."
+ }
+ ]
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "HIGH",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "LOW",
+ "baseScore": 2.6,
+ "baseSeverity": "LOW",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "REQUIRED",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-122 Heap-based Buffer Overflow"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-844w-j86r-4x2j",
+ "refsource": "CONFIRM",
+ "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-844w-j86r-4x2j"
+ },
+ {
+ "name": "https://github.com/tensorflow/tensorflow/commit/db4f9717c41bccc3ce10099ab61996b246099892",
+ "refsource": "MISC",
+ "url": "https://github.com/tensorflow/tensorflow/commit/db4f9717c41bccc3ce10099ab61996b246099892"
+ },
+ {
+ "name": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2019-002.md",
+ "refsource": "MISC",
+ "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2019-002.md"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "GHSA-844w-j86r-4x2j",
+ "discovery": "UNKNOWN"
+ }
+}
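Review bot: The `source` object at the end of the record sets `"discovery": "UNKNOWN"` although the description states the issue "was detected and fixed internally"; if that wording is accurate, `"discovery": "INTERNAL"` would keep the machine-readable field in step with the prose. The `problemtype` entry names only the consequence (`CWE-122 Heap-based Buffer Overflow`), while the description attributes it to int64-to-int32 truncation, so a second description entry for the root cause (CWE-197 Numeric Truncation Error looks like the fit) would help consumers who triage by weakness class. The CVSS vector scores `C:N/I:N` for an out-of-bounds heap access; that may be deliberate given "unlikely to be exploitable", but it is worth confirming against the linked advisory before publication.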