CVE-2020-15209

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-15209
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15209.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-15209
Aliases
Downstream
Related
Published
2020-09-25T19:15:16Z
Modified
2025-10-13T10:31:44.675987Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one. The runtime assumes that these buffers are written to before a possible read, hence they are initialized with nullptr. However, by changing the buffer index for a tensor and implicitly converting that tensor to be a read-write one, as there is nothing in the model that writes to it, we get a null pointer dereference. The issue is patched in commit 0b5662bc, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

References

Affected packages

Git / github.com/tensorflow/tensorflow

Affected ranges

Type
GIT
Repo
https://github.com/tensorflow/tensorflow
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
0b5662bc2be13a8c8f044d925d87fb6e56247cd8
Fixed
fcc4b966f1265f466e82617020af93670141b009

Affected versions

0.*

0.12.0-rc0
0.12.0-rc1
0.12.1
0.5.0
0.6.0

v0.*

v0.10.0
v0.10.0rc0
v0.11.0
v0.11.0rc0
v0.11.0rc1
v0.11.0rc2
v0.12.0
v0.7.0
v0.7.1
v0.8.0rc0
v0.9.0
v0.9.0rc0

v1.*

v1.0.0
v1.0.0-alpha
v1.0.0-rc0
v1.0.0-rc1
v1.0.0-rc2
v1.1.0
v1.1.0-rc0
v1.1.0-rc1
v1.1.0-rc2
v1.12.0
v1.12.0-rc0
v1.12.0-rc1
v1.12.0-rc2
v1.12.1
v1.2.0
v1.2.0-rc0
v1.2.0-rc1
v1.2.0-rc2
v1.3.0-rc0
v1.3.0-rc1
v1.5.0
v1.5.0-rc0
v1.5.0-rc1
v1.6.0
v1.6.0-rc0
v1.6.0-rc1
v1.7.0
v1.7.0-rc0
v1.7.0-rc1
v1.8.0
v1.8.0-rc0
v1.8.0-rc1
v1.9.0
v1.9.0-rc0
v1.9.0-rc1
v1.9.0-rc2

v2.*

v2.3.0
v2.3.0-rc0
v2.3.0-rc1
v2.3.0-rc2

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2020-15209-1c08137f",
            "source": "https://github.com/tensorflow/tensorflow/commit/0b5662bc2be13a8c8f044d925d87fb6e56247cd8",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "118310501331616023350717681784829709784",
                    "57364967679429806816256655767148470264",
                    "102921009719167603431635488173237461403",
                    "53810865977217055415276430758078361965",
                    "305638738759426742636057687230277032594",
                    "34872329951284026900110491077515923900",
                    "202202117899958313685333926239881024739",
                    "157562451449126841672195308694127197625",
                    "149073477471276229723057206179610917054",
                    "274105956972391255319063024138059560180",
                    "230596824339254107197600048256212159624",
                    "309207681048257396052300636804196043320",
                    "65600312656929052008905661471385857207",
                    "144945867077828154796586203507136244400",
                    "124552705122710412742356347640769760909",
                    "131598364421439620296301899740248428117",
                    "189004029897638777771318898477545259908",
                    "84070706133558568929049029694655438503"
                ]
            },
            "target": {
                "file": "tensorflow/lite/model_test.cc"
            }
        },
        {
            "id": "CVE-2020-15209-432c9fb2",
            "source": "https://github.com/tensorflow/tensorflow/commit/0b5662bc2be13a8c8f044d925d87fb6e56247cd8",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "digest": {
                "length": 2213.0,
                "function_hash": "66171894964802191235365235219766751684"
            },
            "target": {
                "file": "tensorflow/lite/core/subgraph.cc",
                "function": "Subgraph::Invoke"
            }
        },
        {
            "id": "CVE-2020-15209-54e67227",
            "source": "https://github.com/tensorflow/tensorflow/commit/0b5662bc2be13a8c8f044d925d87fb6e56247cd8",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "288632793624738279975311723889403186854",
                    "231838817353400695959687593382318508022",
                    "136835989989611429058744611617542146033",
                    "319476659976459967670411920219287419521",
                    "259493130716973356554453251726916005105",
                    "55895977300738371728966476833896950516",
                    "80620433833618409211919915782517539096",
                    "82089039147305956708211307876170608615"
                ]
            },
            "target": {
                "file": "tensorflow/lite/core/subgraph.cc"
            }
        },
        {
            "id": "CVE-2020-15209-94238736",
            "source": "https://github.com/tensorflow/tensorflow/commit/0b5662bc2be13a8c8f044d925d87fb6e56247cd8",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "digest": {
                "length": 474.0,
                "function_hash": "72409903535934688868846486751425969565"
            },
            "target": {
                "file": "tensorflow/lite/model_test.cc",
                "function": "TEST"
            }
        }
    ]
}