Lucene search
GoogleOSV:PYSEC-2020-336HistoryDec 10, 2020 - 11:15 p.m.
PYSEC-2020-336
2020-12-1023:15:00
Google
osv.dev
10
tensorflow
lstm
gru
denial of service
vulnerability
cuda backend
input control
fix
versions.
EPSS
0
Percentile
12.6%
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.
Related
osv
osv
CHECK-fail in LSTM with zero-length input in TensorFlow
2020-12-10 19:07:31
PYSEC-2020-301
2020-12-10 23:15:00
CVE-2020-26270
2020-12-10 23:15:12
prion
prion
Input validation
2020-12-10 23:15:00
cvelist
cvelist
CVE-2020-26270 CHECK-fail in LSTM with zero-length input in TensorFlow
2020-12-10 22:10:23
nvd
nvd
CVE-2020-26270
2020-12-10 23:15:12
github
github
CHECK-fail in LSTM with zero-length input in TensorFlow
2020-12-10 19:07:31
cve
cve
CVE-2020-26270
2020-12-10 23:15:12
veracode
veracode
Denial Of Service (DoS)
2020-12-11 03:29:33
ibm
ibm
archlinux
archlinux
[ASA-202012-22] tensorflow: multiple issues
2020-12-16 00:00:00
nessus
nessus
openSUSE 15 Security Update : tensorflow2 (openSUSE-SU-2022:10014-1)
2022-06-19 00:00:00
suse
suse
Security update for tensorflow2 (moderate)
2022-06-18 00:00:00