CVE-2020-15195 — HIGH (8.5)

Q: How severe is CVE-2020-15195?

CVE-2020-15195 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-15195?

Check the references section above for vendor advisories and patch information. Affected products include: Google Tensorflow, Opensuse Leap.

Vulnerability Description

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern. It is possible for `reverse_index_map(i)` to be an index outside of bounds of `grad_values`, thus resulting in a heap buffer overflow. The issue is patched in commit 390611e0d45c5793c7066110af37c8514e6a6c54, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVSS Score

8.5

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Google	Tensorflow	< 1.15.4
Opensuse	Leap	15.2

Related Weaknesses (CWE)

CWE-119 CWE-122 CWE-787

References

http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.htmlMailing ListThird Party Advisory
https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c851PatchThird Party Advisory
https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1Third Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-63xm-rx5p-xvqrExploitThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.htmlMailing ListThird Party Advisory
https://github.com/tensorflow/tensorflow/commit/390611e0d45c5793c7066110af37c851PatchThird Party Advisory
https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1Third Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-63xm-rx5p-xvqrExploitThird Party Advisory

FAQ

What is CVE-2020-15195?

CVE-2020-15195 is a vulnerability with a CVSS score of 8.5 (HIGH). In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern. It is possible for `reverse_index_map(i)` to be an ...

How severe is CVE-2020-15195?

CVE-2020-15195 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-15195?

Check the references section above for vendor advisories and patch information. Affected products include: Google Tensorflow, Opensuse Leap.