CVE-2020-15213: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing
Summary
TensorFlow Lite (a lightweight version of TensorFlow used on mobile and embedded devices) before versions 2.2.1 and 2.3.1 has a vulnerability where an attacker can crash an application by making it attempt an oversized memory allocation through the segment sum operation (a function that groups rows of data by a segment ID and sums each group). The vulnerability exists because the code uses the largest segment ID in the input to decide how much output memory to request, so an attacker-controlled segment ID that is very large exhausts available memory.
Solution / Mitigation
Upgrade to TensorFlow versions 2.2.1 or 2.3.1. As a partial workaround (only if segment IDs are fixed in the model file), add a custom `Verifier` to limit the maximum value allowed in the segment IDs tensor. If segment IDs are generated during inference, similar validation can be added between inference steps. However, if segment IDs are generated as outputs of a tensor during inference, no workaround is possible and upgrading is required.
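The check the workaround describes, written out as an added example (this is illustrative code, not TensorFlow Lite's own kernel or `Verifier` API): segment IDs are validated against a caller-chosen cap before the output buffer is sized, so a hostile maximum ID cannot drive the allocation. The cap `max_segments` and the `SegmentStatus` codes are assumptions of the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Result of validating a segment_ids tensor (assumed names, not TFLite's).
enum class SegmentStatus { kOk, kNegativeId, kNotSorted, kTooManySegments, kShapeMismatch };

// Reject IDs that are negative, unsorted, or whose maximum would require more
// than max_segments output rows. max_segments is a cap chosen by the caller,
// e.g. derived from what the model is known to produce.
SegmentStatus ValidateSegmentIds(const std::vector<int32_t>& segment_ids,
                                 size_t num_rows, int32_t max_segments) {
  if (segment_ids.size() != num_rows) return SegmentStatus::kShapeMismatch;
  int32_t prev = -1;
  for (int32_t id : segment_ids) {
    if (id < 0) return SegmentStatus::kNegativeId;
    if (id < prev) return SegmentStatus::kNotSorted;
    prev = id;
  }
  // prev now holds the largest ID; the output would have prev + 1 rows.
  if (prev >= max_segments) return SegmentStatus::kTooManySegments;
  return SegmentStatus::kOk;
}

// Segment sum over a row-major [num_rows x row_len] matrix. The output is
// allocated only after validation succeeds, which is the point of the check.
SegmentStatus SegmentSum(const std::vector<float>& data, size_t row_len,
                         const std::vector<int32_t>& segment_ids,
                         int32_t max_segments, std::vector<float>* out) {
  if (row_len == 0 || data.size() % row_len != 0) return SegmentStatus::kShapeMismatch;
  const size_t num_rows = data.size() / row_len;
  SegmentStatus st = ValidateSegmentIds(segment_ids, num_rows, max_segments);
  if (st != SegmentStatus::kOk) return st;
  const size_t num_segments = segment_ids.empty() ? 0 : segment_ids.back() + 1;
  out->assign(num_segments * row_len, 0.0f);  // bounded by max_segments * row_len
  for (size_t r = 0; r < num_rows; ++r)
    for (size_t c = 0; c < row_len; ++c)
      (*out)[static_cast<size_t>(segment_ids[r]) * row_len + c] += data[r * row_len + c];
  return SegmentStatus::kOk;
}
```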
Vulnerability Details
Severity: 4 (medium)
EPSS: 0.2%
Related Issues
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
CVE-2021-29541: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null p
Original source: https://nvd.nist.gov/vuln/detail/CVE-2020-15213