Use of Uninitialized Resource
CVE-2020-15193
Summary
In Tensorflow 2.2.0rc0 before versions 2.2.1 and 2.3.0rc0 before 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing in a Python object instead of a tensor. The uninitialized memory address is due to a `reinterpret_cast` Since the `PyObject` is a Python object, not a TensorFlow Tensor, the cast to `EagerTensor` fails.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- LOW
- NONE
- LOW
CWE-908 - Use of Uninitialized Resource
The software uses or accesses a resource that has not been initialized.
References
Advisory Timeline
- Published