SB2020112105 - Denial of service in scikit-learn
Published: November 21, 2020 Updated: August 13, 2024
Security Bulletin ID
SB2020112105
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2020-28975)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing SVM models within the svm_predict_values in svm.cpp. A remote attacker can pass a specially crafted model to the application, trigger memory corruption and perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://github.com/scikit-learn/scikit-learn/issues/18891
- https://github.com/cjlin1/libsvm/blob/9a3a9708926dec87d382c43b203f2ca19c2d56a0/svm.cpp#L2501
- http://seclists.org/fulldisclosure/2020/Nov/44
- http://packetstormsecurity.com/files/160281/SciKit-Learn-0.23.2-Denial-Of-Service.html
- https://github.com/scikit-learn/scikit-learn/commit/1bf13d567d3cd74854aa8343fd25b61dd768bb85
- https://security.gentoo.org/glsa/202301-03