CVE-2020-26271
MEDIUMDescription
In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src node (given by output_index) and the input slot of the dst node (given by input_index). This is only possible if the types of the tensors on both sides coincide, so the function begins by obtaining the corresponding DataType values and comparing these for equality. However, there is no check that the indices point to inside of the arrays they index into. Thus, this can result in accessing data out of bounds of the corresponding heap allocated arrays. In most scenarios, this can manifest as unitialized data access, but if the index points far away from the boundaries of the arrays this can be used to leak addresses from the library. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.
How to fix
Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
CVSS v3 Vector
Exploitability
Impact
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Exploit Intelligence
Low risk: more likely to be exploited than 12% of all known CVEs.
References
Related Vulnerabilities
Other CWE-125 (Out-of-bounds Read) vulnerabilities, ordered by exploit likelihood. View all
| CVE | Severity | CVSS | EPSS | Exploited | Fix |
|---|---|---|---|---|---|
| CVE-2014-0160 | High | 7.5 | 100% | KEV | Fix |
| CVE-2025-5777 | High | 7.5 | 100% | KEV + Ransom | Fix |
| CVE-2021-4034 | High | 7.8 | 95% | KEV | Fix |
| CVE-2023-21769 | High | 7.5 | 92% | - | Fix |
| CVE-2023-49285 | High | 8.6 | 89% | - | Fix |
| CVE-2020-8794 | Critical | 9.8 | 89% | - | Fix |
Embed a live status badge for CVE-2020-26271
Markdown
[](https://tridentstack.com/cve/CVE-2020-26271)HTML
<a href="https://tridentstack.com/cve/CVE-2020-26271"><img src="https://tridentstack.com/cve/badge/CVE-2020-26271.svg" alt="CVE-2020-26271"></a>Find and fix vulnerabilities across your fleet
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start freeThis product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.