cvelistv5 - CVE-2020-26266

URL	Tags
security-advisories@github.com	https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2	Exploit, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2	Exploit, Patch, Third Party Advisory

ghsa-qhxx-j73r-qpm2

Vulnerability from github

Published

2020-12-10 19:07

Modified

2024-10-28 19:57

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
4.8 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Summary

Uninitialized memory access in TensorFlow

Details

Impact

Under certain cases, a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen:

```cc struct QUInt8 { QUInt8() {} // ... uint8_t value; };

struct QInt16 { QInt16() {} // ... int16_t value; };

struct QUInt16 { QUInt16() {} // ... uint16_t value; };

struct QInt32 { QInt32() {} // ... int32_t value; }; ```

Patches

We have patched the issue in GitHub commit ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2 and will release TensorFlow 2.4.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.

Since this issue also impacts TF versions before 2.4, we will patch all releases between 1.15 and 2.3 inclusive.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.1.0"
            },
            {
              "fixed": "2.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.1.0"
            },
            {
              "fixed": "2.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.1.0"
            },
            {
              "fixed": "2.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-26266"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-12-10T19:04:48Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Impact\nUnder certain cases, a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to [default initialize the quantized floating point types in Eigen](https://github.com/tensorflow/tensorflow/blob/f70160322a579144950dff1537dcbe3c7c09d6f5/third_party/eigen3/unsupported/Eigen/CXX11/src/FixedPoint/FixedPointTypes.h#L61-L104):\n\n```cc\nstruct QUInt8 {\n  QUInt8() {}\n  // ...\n  uint8_t value;\n};\n\nstruct QInt16 {\n  QInt16() {}\n  // ...\n  int16_t value;\n};\n\nstruct QUInt16 {\n  QUInt16() {}\n  // ...\n  uint16_t value;\n};\n\nstruct QInt32 {\n  QInt32() {}\n  // ...\n  int32_t value;\n};\n```\n\n### Patches\nWe have patched the issue in GitHub commit [ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2](https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2) and will release TensorFlow 2.4.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.\n\nSince this issue also impacts TF versions before 2.4, we will patch all releases between 1.15 and 2.3 inclusive.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.",
  "id": "GHSA-qhxx-j73r-qpm2",
  "modified": "2024-10-28T19:57:07Z",
  "published": "2020-12-10T19:07:24Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26266"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-297.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-332.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-254.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tensorflow/tensorflow"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Uninitialized memory access in TensorFlow"
}

pysec-2020-332

Vulnerability from pysec

Published

2020-12-10 23:15

Modified

2021-12-09 06:35

Details

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu",
        "purl": "pkg:pypi/tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2"
            }
          ],
          "repo": "https://github.com/tensorflow/tensorflow",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.5"
            },
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.0.4"
            },
            {
              "introduced": "2.1.0"
            },
            {
              "fixed": "2.1.3"
            },
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.2"
            },
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.12.0",
        "0.12.1",
        "1.0.0",
        "1.0.1",
        "1.1.0",
        "1.10.0",
        "1.10.1",
        "1.11.0",
        "1.12.0",
        "1.12.2",
        "1.12.3",
        "1.13.1",
        "1.13.2",
        "1.14.0",
        "1.15.0",
        "1.15.2",
        "1.15.3",
        "1.15.4",
        "1.2.0",
        "1.2.1",
        "1.3.0",
        "1.4.0",
        "1.4.1",
        "1.5.0",
        "1.5.1",
        "1.6.0",
        "1.7.0",
        "1.7.1",
        "1.8.0",
        "1.9.0",
        "2.0.0",
        "2.0.1",
        "2.0.2",
        "2.0.3",
        "2.1.0",
        "2.1.1",
        "2.1.2",
        "2.2.0",
        "2.2.1",
        "2.3.0",
        "2.3.1"
      ]
    }
  ],
  "aliases": [
    "CVE-2020-26266",
    "GHSA-qhxx-j73r-qpm2"
  ],
  "details": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.",
  "id": "PYSEC-2020-332",
  "modified": "2021-12-09T06:35:15.994631Z",
  "published": "2020-12-10T23:15:00Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2"
    }
  ]
}

pysec-2020-297

Vulnerability from pysec

Published

2020-12-10 23:15

Modified

2021-12-09 06:34

Details

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu",
        "purl": "pkg:pypi/tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2"
            }
          ],
          "repo": "https://github.com/tensorflow/tensorflow",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.5"
            },
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.0.4"
            },
            {
              "introduced": "2.1.0"
            },
            {
              "fixed": "2.1.3"
            },
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.2"
            },
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.15.0",
        "2.1.0",
        "2.1.1",
        "2.1.2",
        "2.2.0",
        "2.2.1",
        "2.3.0",
        "2.3.1"
      ]
    }
  ],
  "aliases": [
    "CVE-2020-26266",
    "GHSA-qhxx-j73r-qpm2"
  ],
  "details": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.",
  "id": "PYSEC-2020-297",
  "modified": "2021-12-09T06:34:44.221678Z",
  "published": "2020-12-10T23:15:00Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2"
    }
  ]
}

pysec-2020-254

Vulnerability from pysec

Published

2020-12-10 23:15

Modified

2021-08-27 03:22

Details

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow",
        "purl": "pkg:pypi/tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2"
            }
          ],
          "repo": "https://github.com/tensorflow/tensorflow",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.15.5"
            },
            {
              "introduced": "2.0.0"
            },
            {
              "fixed": "2.0.4"
            },
            {
              "introduced": "2.1.0"
            },
            {
              "fixed": "2.1.3"
            },
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.2"
            },
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.12.0",
        "0.12.0rc0",
        "0.12.0rc1",
        "0.12.1",
        "1.0.0",
        "1.0.1",
        "1.1.0",
        "1.1.0rc0",
        "1.1.0rc1",
        "1.1.0rc2",
        "1.10.0",
        "1.10.0rc0",
        "1.10.0rc1",
        "1.10.1",
        "1.11.0",
        "1.11.0rc0",
        "1.11.0rc1",
        "1.11.0rc2",
        "1.12.0",
        "1.12.0rc0",
        "1.12.0rc1",
        "1.12.0rc2",
        "1.12.2",
        "1.12.3",
        "1.13.0rc0",
        "1.13.0rc1",
        "1.13.0rc2",
        "1.13.1",
        "1.13.2",
        "1.14.0",
        "1.14.0rc0",
        "1.14.0rc1",
        "1.15.0",
        "1.15.0rc0",
        "1.15.0rc1",
        "1.15.0rc2",
        "1.15.0rc3",
        "1.15.2",
        "1.15.3",
        "1.15.4",
        "1.2.0",
        "1.2.0rc0",
        "1.2.0rc1",
        "1.2.0rc2",
        "1.2.1",
        "1.3.0",
        "1.3.0rc0",
        "1.3.0rc1",
        "1.3.0rc2",
        "1.4.0",
        "1.4.0rc0",
        "1.4.0rc1",
        "1.4.1",
        "1.5.0",
        "1.5.0rc0",
        "1.5.0rc1",
        "1.5.1",
        "1.6.0",
        "1.6.0rc0",
        "1.6.0rc1",
        "1.7.0",
        "1.7.0rc0",
        "1.7.0rc1",
        "1.7.1",
        "1.8.0",
        "1.8.0rc0",
        "1.8.0rc1",
        "1.9.0",
        "1.9.0rc0",
        "1.9.0rc1",
        "1.9.0rc2",
        "2.0.0",
        "2.0.1",
        "2.0.2",
        "2.0.3",
        "2.1.0",
        "2.1.1",
        "2.1.2",
        "2.2.0",
        "2.2.1",
        "2.3.0",
        "2.3.1"
      ]
    }
  ],
  "aliases": [
    "CVE-2020-26266",
    "GHSA-qhxx-j73r-qpm2"
  ],
  "details": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.",
  "id": "PYSEC-2020-254",
  "modified": "2021-08-27T03:22:22.698179Z",
  "published": "2020-12-10T23:15:00Z",
  "references": [
    {
      "type": "FIX",
      "url": "https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2"
    }
  ]
}

gsd-2020-26266

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

Aliases

CVE-2020-26266

Aliases

CVE-2020-26266

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-26266",
    "description": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.",
    "id": "GSD-2020-26266",
    "references": [
      "https://www.suse.com/security/cve/CVE-2020-26266.html",
      "https://security.archlinux.org/CVE-2020-26266"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-26266"
      ],
      "details": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.",
      "id": "GSD-2020-26266",
      "modified": "2023-12-13T01:22:08.782818Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2020-26266",
        "STATE": "PUBLIC",
        "TITLE": "Uninitialized memory access in Eigen types in TensorFlow"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "tensorflow",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 1.15.5"
                        },
                        {
                          "version_value": "\u003e= 2.0.0, \u003c 2.0.4"
                        },
                        {
                          "version_value": "\u003e= 2.1.0, \u003c 2.1.3"
                        },
                        {
                          "version_value": "\u003e= 2.2.0, \u003c 2.2.2"
                        },
                        {
                          "version_value": "\u003e= 2.3.0, \u003c 2.3.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "tensorflow"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-908: Use of Uninitialized Resource"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2",
            "refsource": "CONFIRM",
            "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-qhxx-j73r-qpm2",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,1.15.5),[2.0.0,2.0.4),[2.1.0,2.1.3),[2.2.0,2.2.2),[2.3.0,2.3.2)",
          "affected_versions": "All versions before 1.15.5, all versions starting from 2.0.0 before 2.0.4, all versions starting from 2.1.0 before 2.1.3, all versions starting from 2.2.0 before 2.2.2, all versions starting from 2.3.0 before 2.3.2",
          "cvss_v2": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-908",
            "CWE-937"
          ],
          "date": "2020-12-14",
          "description": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen.",
          "fixed_versions": [],
          "identifier": "CVE-2020-26266",
          "identifiers": [
            "CVE-2020-26266",
            "GHSA-qhxx-j73r-qpm2"
          ],
          "not_impacted": "",
          "package_slug": "maven/org.tensorflow/parentpom",
          "pubdate": "2020-12-10",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Use of Uninitialized Resource",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-26266"
          ],
          "uuid": "c4f09fdd-d252-46ce-9576-bb6576d583f1"
        },
        {
          "affected_range": "\u003c1.15.5||\u003e=2.0.0,\u003c2.0.4||\u003e=2.1.0,\u003c2.1.3||\u003e=2.2.0,\u003c2.2.2||\u003e=2.3.0,\u003c2.3.2",
          "affected_versions": "All versions before 1.15.5, all versions starting from 2.0.0 before 2.0.4, all versions starting from 2.1.0 before 2.1.3, all versions starting from 2.2.0 before 2.2.2, all versions starting from 2.3.0 before 2.3.2",
          "cvss_v2": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-78",
            "CWE-908",
            "CWE-937"
          ],
          "date": "2021-01-07",
          "description": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.",
          "fixed_versions": [
            "1.15.5",
            "2.0.4",
            "2.1.3",
            "2.2.2",
            "2.3.2"
          ],
          "identifier": "CVE-2020-26266",
          "identifiers": [
            "GHSA-qhxx-j73r-qpm2",
            "CVE-2020-26266"
          ],
          "not_impacted": "All versions starting from 1.15.5 before 2.0.0, all versions starting from 2.0.4 before 2.1.0, all versions starting from 2.1.3 before 2.2.0, all versions starting from 2.2.2 before 2.3.0, all versions starting from 2.3.2",
          "package_slug": "pypi/tensorflow-cpu",
          "pubdate": "2020-12-10",
          "solution": "Upgrade to versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 or above.",
          "title": "Use of Uninitialized Resource",
          "urls": [
            "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2",
            "https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2",
            "https://nvd.nist.gov/vuln/detail/CVE-2020-26266",
            "https://github.com/advisories/GHSA-qhxx-j73r-qpm2"
          ],
          "uuid": "eef2146c-36cb-41d7-bdab-07b64c658efd"
        },
        {
          "affected_range": "\u003c1.15.5||\u003e=2.0.0,\u003c2.0.4||\u003e=2.1.0,\u003c2.1.3||\u003e=2.2.0,\u003c2.2.2||\u003e=2.3.0,\u003c2.3.2",
          "affected_versions": "All versions before 1.15.5, all versions starting from 2.0.0 before 2.0.4, all versions starting from 2.1.0 before 2.1.3, all versions starting from 2.2.0 before 2.2.2, all versions starting from 2.3.0 before 2.3.2",
          "cvss_v2": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-78",
            "CWE-908",
            "CWE-937"
          ],
          "date": "2021-01-07",
          "description": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.",
          "fixed_versions": [
            "1.15.5",
            "2.0.4",
            "2.1.3",
            "2.2.2",
            "2.3.2"
          ],
          "identifier": "CVE-2020-26266",
          "identifiers": [
            "GHSA-qhxx-j73r-qpm2",
            "CVE-2020-26266"
          ],
          "not_impacted": "All versions starting from 1.15.5 before 2.0.0, all versions starting from 2.0.4 before 2.1.0, all versions starting from 2.1.3 before 2.2.0, all versions starting from 2.2.2 before 2.3.0, all versions starting from 2.3.2",
          "package_slug": "pypi/tensorflow-gpu",
          "pubdate": "2020-12-10",
          "solution": "Upgrade to versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 or above.",
          "title": "Use of Uninitialized Resource",
          "urls": [
            "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2",
            "https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2",
            "https://nvd.nist.gov/vuln/detail/CVE-2020-26266",
            "https://github.com/advisories/GHSA-qhxx-j73r-qpm2"
          ],
          "uuid": "e5eea5dc-6a2a-44ed-8580-e0e3ddf6f35a"
        },
        {
          "affected_range": "\u003c1.15.5||\u003e=2.0.0,\u003c2.0.4||\u003e=2.1.0,\u003c2.1.3||\u003e=2.2.0,\u003c2.2.2||\u003e=2.3.0,\u003c2.3.2",
          "affected_versions": "All versions before 1.15.5, all versions starting from 2.0.0 before 2.0.4, all versions starting from 2.1.0 before 2.1.3, all versions starting from 2.2.0 before 2.2.2, all versions starting from 2.3.0 before 2.3.2",
          "cvss_v2": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-908",
            "CWE-937"
          ],
          "date": "2020-12-14",
          "description": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen.",
          "fixed_versions": [
            "2.4.0"
          ],
          "identifier": "CVE-2020-26266",
          "identifiers": [
            "CVE-2020-26266",
            "GHSA-qhxx-j73r-qpm2"
          ],
          "not_impacted": "All versions starting from 1.15.5 before 2.0.0, all versions starting from 2.0.4 before 2.1.0, all versions starting from 2.1.3 before 2.2.0, all versions starting from 2.2.2 before 2.3.0, all versions starting from 2.3.2",
          "package_slug": "pypi/tensorflow",
          "pubdate": "2020-12-10",
          "solution": "Upgrade to version 2.4.0 or above.",
          "title": "Use of Uninitialized Resource",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-26266"
          ],
          "uuid": "9fbfdaf1-1d5f-47f1-bee7-352fae943f9a"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.15.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.0.4",
                "versionStartIncluding": "2.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.1.3",
                "versionStartIncluding": "2.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.2.2",
                "versionStartIncluding": "2.2.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.3.2",
                "versionStartIncluding": "2.3.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-26266"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-908"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.4
        }
      },
      "lastModifiedDate": "2020-12-14T17:54Z",
      "publishedDate": "2020-12-10T23:15Z"
    }
  }
}

CVE-2020-26266

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature

Action not permitted

CVE-2020-26266

Vulnerability from cvelistv5

ghsa-qhxx-j73r-qpm2

Vulnerability from github

Impact

Patches

For more information

pysec-2020-332

Vulnerability from pysec

pysec-2020-297

Vulnerability from pysec

pysec-2020-254

Vulnerability from pysec

gsd-2020-26266

Vulnerability from gsd

Tags

Sightings

Nomenclature