CVE-2020-15202
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However, there are several places in TensorFlow where a lambda taking `int` or `int32` arguments is being used. In these cases, if the amount of work to be parallelized is large enough, integer truncation occurs. Depending on how the two arguments of the lambda are used, this can result in segfaults, read/write outside of heap allocated arrays, stack overflows, or data corruption. The issue is patched in commits 27b417360cbd671ef55915e4bb6bb06af8b8a832 and ca8c013b5e97b1373b3bb1c97ea655e69f31a575, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.
EPSS 0.50% · 66.3th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | tensorflow | 2.1.0, 2.0.0, 2.2.0 |
| Bitnami | tensorflow | 0, 2.0.0, 2.1.0 |
Timeline
- Sep 25, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 18, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html url
- https://github.com/tensorflow/tensorflow/commit/27b417360cbd671ef55915e4bb6bb06af8b8a832 url
- https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575 url
- https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1 url
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6fg-mjxg-hqq4 url
- https://nvd.nist.gov/vuln/detail/CVE-2020-15202 url