CVE-2020-15202

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-15202
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15202.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-15202
Aliases
Downstream
Related
Published
2020-09-25T19:15:15.493Z
Modified
2026-04-11T21:19:56.671546Z
Severity
  • 9.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 (i.e., long long) arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In these cases, if the amount of work to be parallelized is large enough, integer truncation occurs. Depending on how the two arguments of the lambda are used, this can result in segfaults, read/write outside of heap allocated arrays, stack overflows, or data corruption. The issue is patched in commits 27b417360cbd671ef55915e4bb6bb06af8b8a832 and ca8c013b5e97b1373b3bb1c97ea655e69f31a575, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

References

Affected packages

Git / github.com/tensorflow/tensorflow

Affected ranges

Type
GIT
Repo
https://github.com/tensorflow/tensorflow
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
df8c55ce12b5cfc6f29b01889f7773911a75e6ef
Introduced
64c3d382cadf7bbe8e7e99884bede8284ff67f56
Fixed
295ad2781683835be974faba0a191528d8079768
Introduced
e5bf8de410005de06a7ff5393fafdf832ef1d4ad
Fixed
ab35f2bf7132f9d20a0bea9a5d1849862737d4b4
Introduced
2b96f3662bd776e277f86997659e61046b56c315
Fixed
25fba035f3e453d94490932096282c7b0624bbb3
Introduced
b36436b087bd8e8701ef51718179037cccdfc26e
Fixed
fcc4b966f1265f466e82617020af93670141b009
Fixed
27b417360cbd671ef55915e4bb6bb06af8b8a832
Fixed
ca8c013b5e97b1373b3bb1c97ea655e69f31a575
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.15.4"
        },
        {
            "introduced": "2.0.0"
        },
        {
            "fixed": "2.0.3"
        },
        {
            "introduced": "2.1.0"
        },
        {
            "fixed": "2.1.2"
        },
        {
            "introduced": "2.2.0"
        },
        {
            "fixed": "2.2.1"
        },
        {
            "introduced": "2.3.0"
        },
        {
            "fixed": "2.3.1"
        }
    ]
}

Affected versions

0.*
0.5.0
0.6.0
v1.*
v1.1.0-rc1
v1.1.0-rc2
v1.12.1
v1.15.0
v1.15.0-rc0
v1.15.0-rc1
v1.15.0-rc2
v1.15.0-rc3
v1.15.2
v1.15.3
v1.6.0-rc1
v1.9.0-rc2
v2.*
v2.0.0
v2.0.1
v2.0.2
v2.1.0
v2.1.1
v2.2.0
v2.3.0

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "15.2"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15202.json"
vanir_signatures_modified 
"2026-04-11T21:19:56Z"
vanir_signatures 
[
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "76522214173436047375791787445764351902",
                "251069558902172989654234900463356936711",
                "64133528541827585722070207894526948030",
                "24778865296730026768336390480983944469"
            ]
        },
        "id": "CVE-2020-15202-0503e122",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "tensorflow/core/kernels/topk_op.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "127673812065743489622579631479231187116",
                "115883249635117771978262382218551177437",
                "179699857159232576660471907586812719470",
                "282183227558066642916870584276345562963"
            ]
        },
        "id": "CVE-2020-15202-285dcd5b",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/27b417360cbd671ef55915e4bb6bb06af8b8a832",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "tensorflow/core/kernels/random_op.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "58185359190645451083182359192435923593",
                "121836043419759626881226105403575566976",
                "68809376081251340786311124575075854565",
                "184133931029712663206991783415301782615",
                "141890636621652983017445151798594154627",
                "120008381741880098412888339471202175764",
                "200132040647892950965246711544206592211",
                "305956264687131165837804166410874038781"
            ]
        },
        "id": "CVE-2020-15202-388d829e",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "tensorflow/core/kernels/image/crop_and_resize_op.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "16503530223465914650326778346945576132",
                "69917128178575714253350209538686540484",
                "280130023087423644956112740636005532670",
                "115561061948106686141201197198850226603"
            ]
        },
        "id": "CVE-2020-15202-5746462e",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "tensorflow/core/kernels/nth_element_op.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "311857473137336276809078584928509253881",
                "145200427811153236372005804105714212704",
                "317532754562323792495098968070106934582",
                "282183227558066642916870584276345562963"
            ]
        },
        "id": "CVE-2020-15202-5bc480e6",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "tensorflow/core/kernels/stateless_random_ops.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "20684871070024043241034515558560823589",
                "315572307899962111122285125756291523683",
                "18476793605358095461206707654931656479",
                "302479254191776488337822911832410061979"
            ]
        },
        "id": "CVE-2020-15202-5fa25244",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "tensorflow/core/kernels/linalg/banded_triangular_solve_op.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "65402930557305111109094323625547391566",
                "180639688932648031934649410730627595143",
                "90389278723123074144713918027306501693",
                "217893695720517477055469910417793543153",
                "299368296802679720593664134155350995124",
                "198911484875003549558588729545316199232",
                "319635250752536177884910275713750112874",
                "142492151711402795277630382152305272039",
                "235365852518916415856022896906468223401",
                "246594358939414688334702348201411287267"
            ]
        },
        "id": "CVE-2020-15202-6d8fa72e",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "tensorflow/core/kernels/parameterized_truncated_normal_op.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "49388362587070857883011424938051732275",
                "182345833524769119674858062048875688048",
                "159281066571211044658814791462852431156",
                "165862920666101699034185022357112945124",
                "160332501408818180563375474413769704281",
                "133624535692348618945257612964987686627",
                "70146357367283853397304646523304066958",
                "194888998010657877617798893389703908301",
                "340024752766524227460244902722503938610",
                "251900994400534352265889644797477686757",
                "235264123759149857307401783014601954619",
                "265169989207798012169191867407444375818"
            ]
        },
        "id": "CVE-2020-15202-8d6bcc23",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "tensorflow/core/kernels/boosted_trees/prediction_ops.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "85996234445220541315962421172033354292",
                "125979212587680147467816371163899976341",
                "236405319715375809980413098239884364067",
                "117459159471670142061662019933127385802"
            ]
        },
        "id": "CVE-2020-15202-ba79abf1",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "tensorflow/core/kernels/random_binomial_op.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "182182534082564078562929145736446618543",
                "107179309103464964803450747305323035393",
                "61745639076349294345544669991714919652",
                "249481167367796814478761019073950339557"
            ]
        },
        "id": "CVE-2020-15202-d187bcd4",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/ca8c013b5e97b1373b3bb1c97ea655e69f31a575",
        "deprecated": false,
        "signature_type": "Line",
        "target": {
            "file": "tensorflow/core/kernels/random_poisson_op.cc"
        }
    }
]