CVE-2020-26268

Public Exploit
Write to immutable memory region in TensorFlow

Description

In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the memory area. If the file is too small, TensorFlow properly returns an error as the memory area has fewer bytes than what is needed for the tensor it creates. However, as soon as there are enough bytes, the above snippet causes a segmentation fault. This is because the allocator used to return the buffer data is not marked as returning an opaque handle since the needed virtual method is not overridden. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

Category

4.4
CVSS
Severity: Medium
CVSS 3.1 •
CVSS 2.0 •
EPSS 0.05%
Third-Party Advisory github.com Third-Party Advisory github.com
Affected: tensorflow tensorflow
Published at:
Updated at:

References

Link Tags
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hhvc-g5hv-48c6 third party advisory exploit
https://github.com/tensorflow/tensorflow/commit/c1e1fc899ad5f8c725dcbb6470069890b5060bc7 third party advisory patch

Frequently Asked Questions

What is the severity of CVE-2020-26268?
CVE-2020-26268 has been scored as a medium severity vulnerability.
How to fix CVE-2020-26268?
To fix CVE-2020-26268, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2020-26268 being actively exploited in the wild?
It is possible that CVE-2020-26268 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2020-26268?
CVE-2020-26268 affects tensorflow tensorflow.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.