Vulnerability Monitor


CVE-2020-26266


In affected versions of TensorFlow, a saved model can, in certain cases, trigger the use of uninitialized values during code execution. The cause is that tensor buffers are filled with the default value of their element type, but the quantized floating-point types in Eigen were not given a default initializer, so buffers of those types are left uninitialized. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.


Published

2020-12-10T23:15:12.647

Last Modified

2024-11-21T05:19:42.273

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.4 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

3.9

Impact Score

6.4

Weaknesses
  • CWE-908 (Primary)
  • CWE-908 (Secondary)

Affected Vendors & Products

  Type         Vendor   Product      Version/Range   Vulnerable?
  Application  google   tensorflow   < 1.15.5        Yes
  Application  google   tensorflow   < 2.0.4         Yes
  Application  google   tensorflow   < 2.1.3         Yes
  Application  google   tensorflow   < 2.2.2         Yes
  Application  google   tensorflow   < 2.3.2         Yes

References