Lucene search
GoogleOSV:CVE-2020-26270HistoryDec 10, 2020 - 11:15 p.m.
CVE-2020-26270
2020-12-1023:15:12
Google
osv.dev
9
tensorflow vulnerability
lstm/gru model
cuda backend
denial of service
input control
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.
Related
osv
osv
CHECK-fail in LSTM with zero-length input in TensorFlow
2020-12-10 19:07:31
PYSEC-2020-301
2020-12-10 23:15:00
PYSEC-2020-336
2020-12-10 23:15:00
prion
prion
Input validation
2020-12-10 23:15:00
cvelist
cvelist
CVE-2020-26270 CHECK-fail in LSTM with zero-length input in TensorFlow
2020-12-10 22:10:23
nvd
nvd
CVE-2020-26270
2020-12-10 23:15:12
github
github
CHECK-fail in LSTM with zero-length input in TensorFlow
2020-12-10 19:07:31
cve
cve
CVE-2020-26270
2020-12-10 23:15:12
veracode
veracode
Denial Of Service (DoS)
2020-12-11 03:29:33
ibm
ibm
archlinux
archlinux
[ASA-202012-22] tensorflow: multiple issues
2020-12-16 00:00:00
nessus
nessus
openSUSE 15 Security Update : tensorflow2 (openSUSE-SU-2022:10014-1)
2022-06-19 00:00:00
suse
suse
Security update for tensorflow2 (moderate)
2022-06-18 00:00:00