Bug 1179938 (CVE-2020-26270) - VUL-1: CVE-2020-26270: tensorflow, tensorflow2: zero-length input in LSTM/GRU layer can cause DoS
Status: RESOLVED FIXED
Alias: CVE-2020-26270
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Version: Leap 15.2
Hardware: Other Other
Importance: P4 - Low : Minor
Target Milestone: ---
Assignee: Christian Goll
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/273151/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-12-11 10:06 UTC by Johannes Segitz
Modified: 2024-03-28 13:49 UTC

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Johannes Segitz 2020-12-11 10:06:25 UTC
CVE-2020-26270

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU
layer receives an input with zero-length results in a CHECK failure when using
the CUDA backend. This can result in a query-of-death vulnerability, via denial
of service, if users can control the input to the layer. This is fixed in
versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

Leap and Factory affected

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26270
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26270
https://github.com/tensorflow/tensorflow/commit/14755416e364f17fb1870882fa778c7fec7f16e3
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m648-33qf-v3gp
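A per-branch check of a package version against the fixed releases listed in the description, as an added example that is not part of the bug report or of TensorFlow. The helper names and the sample inventory are constructed for illustration, and treating branches without a listed fix as unfixed below 2.4 and fixed from 2.4.0 onward is an assumption.

```python
import re

# Fixed releases listed in the CVE-2020-26270 description, one per release branch.
FIXED = ["1.15.5", "2.0.4", "2.1.3", "2.2.2", "2.3.2", "2.4.0"]


def parse(version):
    """Return (major, minor, patch) from strings like '2.1.0' or '2.3.1-rc0'.

    Assumption: anything after the patch number (rc tags, distro release
    suffixes) is ignored.
    """
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(x) for x in m.groups())


FIXED_BY_BRANCH = {parse(v)[:2]: parse(v) for v in FIXED}
NEWEST_FIXED_BRANCH = max(FIXED_BY_BRANCH)


def has_fix(version):
    """True if `version` contains the fix according to the list above.

    A plain "version >= 1.15.5" comparison is wrong here: 2.1.2 sorts above
    2.0.4 yet is below the fix for its own branch (2.1.3).
    Assumption: a branch with no listed fix counts as unfixed when it is
    older than 2.4 and as fixed when it is newer.
    """
    v = parse(version)
    branch = v[:2]
    if branch in FIXED_BY_BRANCH:
        return v >= FIXED_BY_BRANCH[branch]
    return branch > NEWEST_FIXED_BRANCH


def triage(installed):
    """Map name -> 'fixed' / 'needs update' for a dict of name -> version."""
    return {name: ("fixed" if has_fix(ver) else "needs update")
            for name, ver in installed.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not taken from the bug report.
    sample = {"tensorflow": "1.15.2", "tensorflow2": "2.1.2", "other": "2.7.0"}
    for name, state in triage(sample).items():
        print(f"{name}: {state}")
```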
Comment 1 Christian Goll 2020-12-18 10:01:38 UTC
SR#856850 to devel repo fixes this
Comment 2 Christian Goll 2024-03-28 13:49:34 UTC
Tensorflow 2.7 is in factory (although doesn't build actually), so closing this one