Lucene search
GoogleOSV:PYSEC-2020-275HistorySep 25, 2020 - 7:15 p.m.
PYSEC-2020-275
2020-09-2519:15:00
Google
osv.dev
11
tensorflow
heap buffer overflow
vulnerability
patch
EPSS
0.005
Percentile
75.3%
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverse_index_map(i) to be an index outside of bounds of grad_values, thus resulting in a heap buffer overflow. The issue is patched in commit 390611e0d45c5793c7066110af37c8514e6a6c54, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.
Related
veracode
veracode
Arbitrary Code Execution
2020-09-28 07:01:26
prion
prion
Heap overflow
2020-09-25 19:15:00
osv
osv
cvelist
cvelist
CVE-2020-15195 Heap buffer overflow in Tensorflow
2020-09-25 18:40:41
cve
cve
CVE-2020-15195
2020-09-25 19:15:14
nvd
nvd
CVE-2020-15195
2020-09-25 19:15:14
github
github
Heap buffer overflow in Tensorflow
2020-09-25 18:28:29
suse
suse
Security update for tensorflow2 (moderate)
2020-10-29 00:00:00
nessus
nessus
openSUSE Security Update : tensorflow2 (openSUSE-2020-1766)
2020-10-30 00:00:00
openvas
openvas
openSUSE: Security Advisory for tensorflow2 (openSUSE-SU-2020:1766-1)
2020-10-30 00:00:00
