CVE-2020-15265: Out-of-bounds Read
(updated )
In Tensorflow, an attacker can pass an invalid axis
value to tf.quantization.quantize_and_dequantize
. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size
only does a DCHECK
to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, DCHECK
-like macros are no-ops, this results in segfault and access out-of-bounds of the array.
References
Detect and mitigate CVE-2020-15265 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →