CVE-2020-28975
Denial of Service vulnerability in scikit-learn (PyPI)
What is CVE-2020-28975 About?
This vulnerability is a Denial of Service affecting Libsvm, specifically within the svm_predict_values function. Attackers can trigger a segmentation fault by providing a crafted model with an oversized _n_support array. Exploitation is relatively difficult as it requires specific manipulation of internal data structures, often violating API assumptions.
Affected Software
- scikit-learn
  - >0.23.2, <1.0.1
  - <0.24.dev0
Technical Details
The vulnerability resides in the svm_predict_values function in svm.cpp of Libsvm v324. It can also affect products using Libsvm, such as scikit-learn. An attacker can craft a malicious SVM model, for example through a persistence format such as pickle or JSON, in which the _n_support array is assigned an excessively large value. When svm_predict_values attempts to process this malformed model, it leads to a segmentation fault, effectively causing a Denial of Service. The mechanism involves an application violating the library's API by directly manipulating private attributes.
What is the Impact of CVE-2020-28975?
Successful exploitation may allow attackers to disrupt the availability of the affected service or application, leading to system instability or crashes.
What is the Exploitability of CVE-2020-28975?
Exploitation complexity for this Denial of Service vulnerability is moderate to high, as it requires crafting specific data within a model file. Prerequisites include the ability to inject or load a specially crafted SVM model into the target application. Authentication requirements depend on how the application handles model loading, but typically, an attacker needs some level of access to either supply the model file or manipulate data that influences model loading. This is likely a local or authenticated remote exploitation scenario, where an attacker must be able to interact with the application's model handling functions. The risk factor is increased if applications do not validate the integrity and structure of loaded SVM models, or if they expose functionalities that allow unvalidated model input.
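A defender-side consistency check of the kind an application can run on an untrusted, deserialized SVM model before handing it to the predict path, added here as an example that is not part of this advisory or of scikit-learn's own fix. The plain-dict model layout and attribute names are assumptions that mirror libsvm's per-class support-vector bookkeeping, and both sample models are constructed.

```python
from typing import Dict, List


class InvalidSVMModel(ValueError):
    """Raised when a loaded SVM model's internal arrays are inconsistent."""


def validate_svm_model(model: Dict[str, object]) -> int:
    """Check the structural invariants libsvm's prediction code relies on.

    `model` is a plain dict standing in for a persisted classifier (assumed
    layout, not scikit-learn's API):
      classes_         : class labels, length n_classes
      support_vectors_ : support-vector rows, length n_SV
      _n_support       : per-class support-vector counts, length n_classes
      dual_coef_       : n_classes - 1 rows, each of length n_SV
      intercept_       : n_classes * (n_classes - 1) / 2 one-vs-one offsets
    Returns n_SV when every invariant holds, raises InvalidSVMModel otherwise.
    """
    n_classes = len(list(model["classes_"]))
    n_sv = len(list(model["support_vectors_"]))
    n_support: List[int] = list(model["_n_support"])
    dual_coef = list(model["dual_coef_"])
    intercept = list(model["intercept_"])

    if len(n_support) != n_classes:
        raise InvalidSVMModel("_n_support length does not match number of classes")
    if any(not isinstance(c, int) or c < 0 for c in n_support):
        raise InvalidSVMModel("_n_support contains a non-integer or negative count")
    # The oversized-count case from the advisory: counts must add up to the
    # support vectors actually present, or indexing runs past the arrays.
    if sum(n_support) != n_sv:
        raise InvalidSVMModel(f"_n_support sums to {sum(n_support)}, expected {n_sv}")
    if len(dual_coef) != n_classes - 1 or any(len(r) != n_sv for r in dual_coef):
        raise InvalidSVMModel("dual_coef_ shape is inconsistent with n_SV")
    if len(intercept) != n_classes * (n_classes - 1) // 2:
        raise InvalidSVMModel("intercept_ length does not match one-vs-one pairs")
    return n_sv


def is_safe_to_predict(model: Dict[str, object]) -> bool:
    """True only when the model passes every consistency check above."""
    try:
        validate_svm_model(model)
        return True
    except (InvalidSVMModel, KeyError, TypeError):
        return False


# Constructed sample: a consistent two-class model with four support vectors.
GOOD_MODEL = {
    "classes_": [0, 1],
    "support_vectors_": [[0.1, 0.2], [0.3, 0.4], [0.9, 0.8], [0.7, 0.6]],
    "_n_support": [2, 2],
    "dual_coef_": [[0.5, 0.5, -0.5, -0.5]],
    "intercept_": [0.0],
}
# Constructed sample: same model with _n_support inflated, as in the advisory.
TAMPERED_MODEL = dict(GOOD_MODEL, _n_support=[2, 10**9])
```

Run the checks at load time, before any call into the prediction code, so a tampered pickle is rejected rather than dereferenced.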
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2020-28975?
Available Upgrade Options
- scikit-learn
  - <0.24.dev0 → Upgrade to 0.24.dev0
  - >0.23.2, <1.0.1 → Upgrade to 1.0.1
Additional Resources
- https://github.com/pypa/advisory-database/tree/main/vulns/scikit-learn/PYSEC-2020-108.yaml
- https://osv.dev/vulnerability/PYSEC-2020-108
- http://packetstormsecurity.com/files/160281/SciKit-Learn-0.23.2-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2020/Nov/44
- https://github.com/scikit-learn/scikit-learn/issues/18891
- https://github.com/scikit-learn/scikit-learn/commit/1bf13d567d3cd74854aa8343fd25b61dd768bb85
- https://github.com/scikit-learn/scikit-learn
- https://osv.dev/vulnerability/GHSA-jxfp-4rvq-9h9m
- https://github.com/cjlin1/libsvm/blob/9a3a9708926dec87d382c43b203f2ca19c2d56a0/svm.cpp#L2501
What are Similar Vulnerabilities to CVE-2020-28975?
Similar Vulnerabilities: CVE-2021-36109, CVE-2021-32540, CVE-2020-35759, CVE-2020-13778, CVE-2016-10523
