CVE intelligence and bounded remediation

CVE-2020-15214 — Google Tensorflow security vulnerability

High CVSS 8.1

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the dimensionality of output tensor. This results in allocating insufficient memory for the output tensor and in a write outside the bounds of the output array. This usually results in a segmentation fault, but depending on runtime conditions it can provide for a write gadget to be used in future memory corruption-based exploits. The issue is patched in commit 204945b19e44b57906c9344c0d00120eeeae178a and is released in TensorFlow versions 2.2.1, or 2.3.1. A potential workaround would be to add a custom `Verifier` to the model loading code to ensure that the segment ids are sorted, although this only handles the case when the segment ids are stored statically in the model. A similar validation could be done if the segment ids are generated at runtime between inference steps. If the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users…

Severity
High
CVSS
8.1 (3.1)
Published
2020-09-25
CISA KEV
Not currently listed
Ecosystem
software/application
Weaknesses
CWE-787

Affected products

  • google / tensorflow

Showing 1 representative product identities from 2 source matches. Confirm exact affected versions with the linked vendor and NVD evidence.

Matched remediation archetype

Buffer bounds, memory safety, and memory corruption

This catalog composition supplies bounded fallback guidance. Explicitly reviewed curated workflows load with the complete record below.

Check exposure

  • Identify affected native-code versions, build flags, architectures, parsers, codecs, drivers, and input paths in all shipped artifacts.
  • Determine whether untrusted data reaches the affected routine and the process privilege, sandbox, and network exposure.
  • Confirm statically linked, vendored, firmware, and platform-provided copies, not only package-manager records.

Remediate safely

  • Apply the maintained upstream correction or replace the affected component, then rebuild every dependent artifact from clean inputs.
  • Adopt bounds-checked interfaces, validated sizes and integer conversions, clear ownership, and memory-safe components where practical.
  • Enable supported compiler and runtime hardening and add sanitized tests and fuzz regression seeds derived from non-weaponized fixtures.

Authoritative sources

Complete CVE record and remediation plan

The detailed catalog view below loads this exact record, its source evidence, and the full seven-phase agentic change plan.