CVE-2020-15266 – tensorflow

Package

Manager: pip
Name: tensorflow
Vulnerable Version: >=0 <2.4.0

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

EPSS: 0.00129 pctl0.33199

Details

Float cast overflow undefined behavior ### Impact When the `boxes` argument of `tf.image.crop_and_resize` has a very large value, the CPU kernel implementation receives it as a C++ `nan` floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault. ### Patches We have patched the issue in c0319231333f0f16e1cc75ec83660b01fedd4182 and will release TensorFlow 2.4.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved. ### For more information Please consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions. ### Attribution This vulnerability has been reported in #42129

Metadata

Created: 2020-11-13T17:18:29Z
Modified: 2024-10-28T14:46:31Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/11/GHSA-xwhf-g6j5-j5gc/GHSA-xwhf-g6j5-j5gc.json
CWE IDs: ["CWE-119"]
Alternative ID: GHSA-xwhf-g6j5-j5gc
Finding: F316
Auto approve: 1