| Vulnerability Name: | CVE-2020-26269 (CCN-193280) | ||||||||||||
| Assigned: | 2020-12-09 | ||||||||||||
| Published: | 2020-12-09 | ||||||||||||
| Updated: | 2021-08-17 | ||||||||||||
| Summary: | In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the directories. There are multiple invariants and preconditions that are assumed by the parallel implementation of GetMatchingPaths but are not verified by the PRs introducing it (#40861 and #44310). Thus, we are completely rewriting the implementation to fully specify and validate these. This is patched in version 2.4.0. This issue only impacts master branch and the release candidates for TF version 2.4. The final release of the 2.4 release will be patched. | ||||||||||||
| CVSS v3 Severity: | 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) 6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||||||
| Vulnerability Type: | CWE-125 | ||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2020-26269 Source: XF Type: UNKNOWN tensorflow-cve202026269-dos(193280) Source: MISC Type: Patch, Third Party Advisory https://github.com/tensorflow/tensorflow/commit/8b5b9dc96666a3a5d27fad7179ff215e3b74b67c Source: CCN Type: TensorFlow GIT Repository Heap out of bounds read in filesystem glob matching Source: CONFIRM Type: Exploit, Patch, Third Party Advisory https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9jjw-hf72-3mxw Source: CCN Type: IBM Security Bulletin 6412349 (Watson Machine Learning Community Edition) TensorFlow in Watson Machine Learning Community Edition 1.6.2 and 1.7.0 has been patched for various security issues. Source: CCN Type: IBM Security Bulletin 6416135 (Watson Discovery) IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in TensorFlow Source: CCN Type: IBM Security Bulletin 6469403 (Watson Machine Learning on CP4D) Multiple TensorFlow Vulnerabilities Affect IBM Watson Machine Learning on CP4D | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||