## TFSA-2020-025: Undefined behavior in `dlpack.to_dlpack` ### CVE Number CVE-2020-15191 ### Impact If a user passes an invalid argument to `dlpack.to_dlpack` the expected validations will cause variables to bind to `nullptr` while setting a `status` variable to the error condition. However, this `status` argument is not [properly checked](https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/c/eager/dlpack.cc#L265-L267): ```cc dlm_tensor->dl_tensor.data = TFE_TensorHandleDevicePointer(h, status); dlm_tensor->dl_tensor.dtype = GetDlDataType(data_type, status); ``` Hence, code following these methods will [bind references to null pointers](https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/c/eager/dlpack.cc#L279-L285): ```cc dlm_tensor->dl_tensor.shape = &(*shape_arr)[0]; dlm_tensor->dl_tensor.strides = &(*stride_arr)[0]; ``` This is undefined behavior and reported as an error if compiling with `-fsanitize=null`. ### Vulnerable Versions TensorFlow 2.2.0, 2.3.0. ### Patches We have patched the issue in [22e07fb204386768e5bcbea563641ea11f96ceb8](https://github.com/tensorflow/tensorflow/commit/22e07fb204386768e5bcbea563641ea11f96ceb8) and will release a patch release for all affected versions. We recommend users to upgrade to TensorFlow 2.2.1 or 2.3.1. ### For more information Please consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions. ### Attribution This vulnerability has been discovered through a variant analysis of [a vulnerability reported by members of the Aivul Team from Qihoo 360](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2020-023.md).