ByteOS Network

Vulnerability Details :

CVE-2020-15195

Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa

Published At-25 Sep, 2020 | 18:40

Updated At-04 Aug, 2024 | 13:08

Heap buffer overflow in Tensorflow

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern. It is possible for `reverse_index_map(i)` to be an index outside of bounds of `grad_values`, thus resulting in a heap buffer overflow. The issue is patched in commit 390611e0d45c5793c7066110af37c8514e6a6c54, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:GitHub_M

Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa

Published At:25 Sep, 2020 | 18:40

Updated At:04 Aug, 2024 | 13:08

▼CVE Numbering Authority (CNA)

Heap buffer overflow in Tensorflow

Affected Products

Vendor

TensorFlow

Product

tensorflow

Versions

Affected

< 1.15.4
>= 2.0.0, < 2.0.3
>= 2.1.0, < 2.1.2
>= 2.2.0, < 2.2.1
>= 2.3.0, < 2.3.1

Problem Types

Type	CWE ID	Description
CWE	CWE-119	{"CWE-119":"Improper Restriction of Operations within the Bounds of a Memory Buffer"}
CWE	CWE-122	{"CWE-122":"Heap-based Buffer Overflow"}

Type: CWE

CWE ID: CWE-119

Description: {"CWE-119":"Improper Restriction of Operations within the Bounds of a Memory Buffer"}

Type: CWE

CWE ID: CWE-122

Description: {"CWE-122":"Heap-based Buffer Overflow"}

Metrics

Version	Base score	Base severity	Vector
3.1	8.5	HIGH	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Version: 3.1

Base score: 8.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

References

Hyperlink	Resource
https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1	x_refsource_MISC
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-63xm-rx5p-xvqr	x_refsource_CONFIRM
https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c8514e6a6c54	x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html	vendor-advisory x_refsource_SUSE

Hyperlink: https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1

Resource:

x_refsource_MISC

Hyperlink: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-63xm-rx5p-xvqr

Resource:

x_refsource_CONFIRM

Hyperlink: https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c8514e6a6c54

Resource:

x_refsource_MISC

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html

Resource:

vendor-advisory

x_refsource_SUSE

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1	x_refsource_MISC x_transferred
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-63xm-rx5p-xvqr	x_refsource_CONFIRM x_transferred
https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c8514e6a6c54	x_refsource_MISC x_transferred
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html	vendor-advisory x_refsource_SUSE x_transferred

Hyperlink: https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-63xm-rx5p-xvqr

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c8514e6a6c54

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:security-advisories@github.com

Published At:25 Sep, 2020 | 19:15

Updated At:18 Nov, 2021 | 17:20

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	8.5	HIGH	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary	2.0	6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P

Type: Primary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 8.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 6.5

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:S/C:P/I:P/A:P

CPE Matches

Google LLC

>>tensorflow>>Versions before 1.15.4(exclusive)

cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*

Google LLC

>>tensorflow>>Versions from 2.0.0(inclusive) to 2.0.3(exclusive)

cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*

Google LLC

>>tensorflow>>Versions from 2.1.0(inclusive) to 2.1.2(exclusive)

cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*

Google LLC

>>tensorflow>>Versions from 2.2.0(inclusive) to 2.2.1(exclusive)

cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*

Google LLC

>>tensorflow>>Versions from 2.3.0(inclusive) to 2.3.1(exclusive)

cpe:2.3:a:google:tensorflow:*:*:*:*:-:*:*:*

openSUSE

>>leap>>15.2

cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-787	Primary	nvd@nist.gov
CWE-119	Secondary	security-advisories@github.com
CWE-122	Secondary	security-advisories@github.com

CWE ID: CWE-787

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-119

Type: Secondary