ID CVE-2020-26268
Summary In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the memory area. If the file is too small, TensorFlow properly returns an error as the memory area has fewer bytes than what is needed for the tensor it creates. However, as soon as there are enough bytes, the above snippet causes a segmentation fault. This is because the allocator used to return the buffer data is not marked as returning an opaque handle since the needed virtual method is not overridden. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.
References
Vulnerable Configurations
  • cpe:2.3:a:google:tensorflow:0.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.8.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.8.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.9.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.9.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.10.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.10.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.11.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.11.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.11.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.11.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.12.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.12.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.12.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.1.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.1.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.2.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.3.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.3.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.3.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.4.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.4.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.4.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.5.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.5.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.5.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.6.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.6.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.6.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.7.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.7.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.7.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.8.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.8.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.8.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.9.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.9.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.9.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.9.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.10.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.10.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.10.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.11.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.11.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.11.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.11.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.13.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.13.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.13.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.14.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.14.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.14.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:alpha0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:beta0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
CVSS
Base: 3.6 (as of 14-12-2020 - 17:40)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: LOCAL
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: NONE
Integrity: PARTIAL
Availability: PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:P/A:P
refmap via4
confirm https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hhvc-g5hv-48c6
misc https://github.com/tensorflow/tensorflow/commit/c1e1fc899ad5f8c725dcbb6470069890b5060bc7
Last major update 14-12-2020 - 17:40
Published 10-12-2020 - 23:15
Last modified 14-12-2020 - 17:40