CVE-2020-15265

Severity Medium
Remote No
Type Denial of service
Description
In TensorFlow before version 2.4.0, an attacker can pass an invalid axis value to tf.quantization.quantize_and_dequantize. The C++ kernel uses that axis to look up a dimension outside the rank of the input tensor: dim_size only validates its argument with a DCHECK and then uses it to index the array of dimensions. Because DCHECK-like macros are compiled out of normal (release) builds, the check never runs, the kernel reads past the end of the array, and the process segfaults, which is the denial of service. The fix commit validates the axis against the input rank before it is used as an index and returns an InvalidArgument error instead. The general lesson is that DCHECK is a debugging aid, not an input-validation control: any value that originates from a user-controlled graph or op attribute needs a check that survives release builds (OP_REQUIRES in TensorFlow kernels).
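The following is an added example written for this page, not TensorFlow's own code. It models the bug pattern in a few dozen lines: a toy Shape class (hypothetical, standing in for TensorShape) whose dim_size() only DCHECKs its index, a vulnerable path that indexes with the attacker-controlled axis directly, and a hardened path that validates the axis against the rank first, in the spirit of the OP_REQUIRES check the fix adds. The DCHECK macro, the Status struct and all function names are assumptions made for illustration; the rank-3 shape is constructed sample input.

```cpp
// Added example (not TensorFlow code): why a DCHECK-only bounds check on an
// attacker-controlled axis is an out-of-bounds read in release builds, and
// the up-front validation that prevents it. All names here are hypothetical.
#include <cassert>
#include <cstdio>
#include <string>
#include <utility>
#include <vector>

// Mirrors the DCHECK convention: active in debug builds only. With NDEBUG
// defined (the usual release configuration) it expands to nothing at all.
#ifdef NDEBUG
#define DCHECK(cond) ((void)0)
#else
#define DCHECK(cond) assert(cond)
#endif

// Toy stand-in for TensorShape (hypothetical, not the real class).
class Shape {
 public:
  explicit Shape(std::vector<long long> dims) : dims_(std::move(dims)) {}
  int dims() const { return static_cast<int>(dims_.size()); }
  // Like the real dim_size: the index is only DCHECKed, then used directly.
  // In a release build a bad index reads past the end of dims_.
  long long dim_size(int d) const {
    DCHECK(d >= 0 && d < dims());
    return dims_[d];
  }
 private:
  std::vector<long long> dims_;
};

// Stand-in for tensorflow::Status / OP_REQUIRES (hypothetical).
struct Status {
  bool ok;
  std::string message;
};

// Vulnerable pattern: the axis attribute flows straight into dim_size(), so
// axis >= rank (or axis < -1) is an out-of-bounds read once DCHECK is a no-op.
long long axis_size_unchecked(const Shape& shape, int axis) {
  return axis == -1 ? 1 : shape.dim_size(axis);
}

// Fixed pattern: reject the axis before it is ever used as an index.
// -1 means per-tensor quantization; anything else must name a real dimension.
Status validate_axis(const Shape& shape, int axis) {
  if (axis == -1 || (axis >= 0 && axis < shape.dims())) {
    return {true, ""};
  }
  return {false, "Shape must be at least rank " + std::to_string(axis + 1) +
                     " but is rank " + std::to_string(shape.dims())};
}

// Hardened entry point: false (and *out untouched) on a rejected axis.
bool axis_size_checked(const Shape& shape, int axis, long long* out) {
  Status s = validate_axis(shape, axis);
  if (!s.ok) return false;
  *out = axis_size_unchecked(shape, axis);  // safe: axis already validated
  return true;
}

// Convenience wrapper: the dimension size, or -1 if the axis was rejected.
long long checked_axis_size(const Shape& shape, int axis) {
  long long n = 0;
  return axis_size_checked(shape, axis, &n) ? n : -1;
}

int main() {
  Shape input({2, 3, 4});  // constructed sample: a rank-3 tensor
  std::printf("axis=1  -> %lld\n", checked_axis_size(input, 1));   // 3
  std::printf("axis=-1 -> %lld\n", checked_axis_size(input, -1));  // 1
  std::printf("axis=7  -> %lld (rejected)\n", checked_axis_size(input, 7));
  std::printf("%s\n", validate_axis(input, 7).message.c_str());
  // axis_size_unchecked(input, 7) would read dims_[7] of a 3-element vector:
  // undefined behaviour, in practice garbage or a segfault. Deliberately not run.
  return 0;
}
```

Compile once with -DNDEBUG and once without to see the difference that matters here: in the debug build the DCHECK inside dim_size() aborts on a bad axis, in the release build nothing stands between the attacker-controlled value and the array index, which is exactly why the fix has to be an explicit check that is always compiled in.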
Group     Package     Affected  Fixed       Severity  Status  Ticket
AVG-1350  tensorflow  2.3.1-7   2.4.0rc4-1  Medium    Fixed   -
References
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c
https://github.com/tensorflow/tensorflow/issues/42105
https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808