CVE-2020-15193

CVSS v4.0

7.1

High

Vector

AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1

Description The implementation of dlpack.to dlpack can be made to use uninitialized memory, resulting in further memory corruption. This occurs because the pybind11 glue code assumes the argument is a tensor, but users can pass in a Python object instead. The uninitialized memory address is due to a reinterpret cast. Since the PyObject is a Python object, not a TensorFlow Tensor, the cast to EagerTensor fails.

Recommendations For Tensorflow versions prior to 2.2.1, upgrade to Tensorflow 2.2.1. For Tensorflow versions prior to 2.3.1, upgrade to Tensorflow 2.3.1. As a temporary workaround, consider avoiding the use of the dlpack.to dlpack function with non-tensor arguments until a patch is applied.

Exploit

Fix

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

BIT-TENSORFLOW-2020-15193

CVE-2020-15193

GHSA-RJJG-HGV6-H69V

OPENSUSE-SU-2020:1766-1

OPENSUSE-SU-2020_1766-1

PYSEC-2020-116

PYSEC-2020-273

PYSEC-2020-308

Affected Products

Suse

Tensorflow

CVE-2020-15193

Weakness Enumeration

Related Identifiers

Affected Products

References · 37