Identifier

CVE-2020-15208

Package Slug

pypi/tensorflow-gpu

Vulnerability

Out-of-bounds Write

Description

In tensorflow-lite, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can craft cases where this is larger than that of the second tensor. In turn, this would result in reads/writes outside bounds since the interpreter will wrongly assume that there is enough data in both tensors.

Affected Versions

All versions before 1.15.4, all versions starting from 2.0.0 before 2.0.3, all versions starting from 2.1.0 before 2.1.2, all versions starting from 2.2.0 before 2.2.1, all versions starting from 2.3.0 before 2.3.1

Solution

Upgrade to versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, 2.3.1 or above.

Last Modified

2020-10-05

source