SCA: security update for tensorflow, tensorflow-cpu, tensorflow-gpu (GHSA-cvpc-8phh-8f45)

medium Tenable Cloud Security Plugin ID 414113

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer
format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators
and each operator has a set of input/output tensors. The flatbuffer format uses indices for the tensors,
indexing into an array of tensors that is owned by the subgraph. This results in a pattern of double array
indexing when trying to get the data of each tensor. However, some operators can have some tensors be
optional. To handle this scenario, the flatbuffer model uses a negative `-1` value as index for these
tensors. This results in special casing during validation at model loading time. Unfortunately, this means
that the `-1` index is a valid tensor index for any operator, including those that don't expect optional
inputs and including for output tensors. Thus, this allows writing and reading from outside the bounds of
heap allocated arrays, although only at a specific offset from the start of these arrays. This results in
both read and write gadgets, albeit very limited in scope. The issue is patched in several commits
(46d5b0852, 00302787b7, e11f5558, cd31fd0ce, 1970c21, and fff2c83), and is released in TensorFlow versions
1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1. A potential workaround would be to add a custom `Verifier` to the
model loading code to ensure that only operators which accept optional inputs use the `-1` special value
and only for the tensors that they expect to be optional. Since this allow-list type approach is erro-
prone, we advise upgrading to the patched code. (CVE-2020-15211)

See Also

https://github.com/advisories/GHSA-cvpc-8phh-8f45

Plugin Details

Severity: Medium

ID: 414113

Version: Revision 1.5

Type: Local

Family: SCA Checks

Published: 1/23/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.1

Percentile: 52.96

Vendor

Vendor Severity: Medium

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2020-15211

CVSS v3

Risk Factor: Medium

Base Score: 4.8

Temporal Score: 4.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 6.3

Threat Score: 2.9

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/25/2020

Vulnerability Publication Date: 9/25/2020

Reference Information

CVE: CVE-2020-15211