Vulnerability Database

300,830

Total vulnerabilities in the database

CVE-2020-15209

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one. The runtime assumes that these buffers are written to before a possible read, hence they are initialized with nullptr. However, by changing the buffer index for a tensor and implicitly converting that tensor to be a read-write one, as there is nothing in the model that writes to it, we get a null pointer dereference. The issue is patched in commit 0b5662bc, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVSS v3:

  • Severity: Medium
  • Score: 5.9
  • AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
google / tensorflow - 1.15.4
google / tensorflow 2.0.0 2.0.3
google / tensorflow 2.1.0 2.1.2
google / tensorflow 2.2.0 2.2.1
google / tensorflow 2.3.0 2.3.1
opensuse / leap 15.2 15.2.x
Python icon tensorflow - 1.15.4
Python icon tensorflow 2.0.0 2.0.3
Python icon tensorflow 2.1.0 2.1.2
Python icon tensorflow 2.2.0 2.2.0.x
Python icon tensorflow 2.2.0 2.2.1
Python icon tensorflow 2.3.0 2.3.0.x
Python icon tensorflow 2.3.0 2.3.1
Python icon tensorflow-cpu - 1.15.4
Python icon tensorflow-cpu 2.0.0 2.0.3
Python icon tensorflow-cpu 2.1.0 2.1.2
Python icon tensorflow-cpu 2.2.0 2.2.0.x
Python icon tensorflow-cpu 2.2.0 2.2.1
Python icon tensorflow-cpu 2.3.0 2.3.0.x
Python icon tensorflow-cpu 2.3.0 2.3.1
Python icon tensorflow-gpu - 1.15.4
Python icon tensorflow-gpu 2.0.0 2.0.3
Python icon tensorflow-gpu 2.1.0 2.1.2
Python icon tensorflow-gpu 2.2.0 2.2.0.x
Python icon tensorflow-gpu 2.2.0 2.2.1
Python icon tensorflow-gpu 2.3.0 2.3.0.x
Python icon tensorflow-gpu 2.3.0 2.3.1