CVE-2020-26267

Public Exploit

Lack of validation in data format attributes in TensorFlow

Description

In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

References

Link	Tags
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c9f3-9wfr-wgh7	exploit third party advisory patch
https://github.com/tensorflow/tensorflow/commit/ebc70b7a592420d3d2f359e4b1694c236b82c7ae	third party advisory patch

Frequently Asked Questions

What is the severity of CVE-2020-26267?: CVE-2020-26267 has been scored as a medium severity vulnerability.
How to fix CVE-2020-26267?: To fix CVE-2020-26267, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2020-26267 being actively exploited in the wild?: It is possible that CVE-2020-26267 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2020-26267?: CVE-2020-26267 affects tensorflow tensorflow.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Category

CWE-125 – Out-of-bounds Read

References

Frequently Asked Questions