Jun 29, 2022 - 2:20 a.m.

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in TensorFlow

2022-06-29 02:20:24
www.ibm.com

CVSS2: 4.6
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3: 7.8
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.001
Percentile: 33.3%

Summary

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of TensorFlow.

Vulnerability Details

CVEID: CVE-2022-29210
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the TensorKey hash function. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227113 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29213
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper input validation in tf.compat.v1.signal.rfft2d and tf.compat.v1.signal.rfft3d. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227110 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29207
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by undefined behavior when users supply invalid resource handles. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227128 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29212
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by an assertion failure when loading TFLite models in the TFLite interpreter. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227111 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29193
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper validation of user-supplied input by the tf.raw_ops.TensorSummaryV2 component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227075 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29203
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by an integer overflow in SpaceToBatchND. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227151 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29198
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper validation of user-supplied input by the tf.raw_ops.SparseTensorToCSRSparseMatrix component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227070 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29216
**DESCRIPTION:** TensorFlow could allow a local authenticated attacker to execute arbitrary code on the system, caused by a flaw in the saved_model_cli tool. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227167 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2022-29206
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by missing validation in the tf.raw_ops.SparseTensorDenseAdd implementation. A local authenticated attacker could exploit this vulnerability to cause undefined behavior.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227129 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29197
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper validation of user-supplied input by the tf.raw_ops.UnsortedSegmentJoin component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227071 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29192
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper validation of user-supplied input by the tf.raw_ops.QuantizeAndDequantizeV4Grad component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227076 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29209
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by incorrect logic when comparing size_t and int values in the macros for writing assertions. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227126 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29208
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by incomplete validation in the tf.raw_ops.EditDistance implementation. A remote authenticated attacker could exploit this vulnerability to cause a segmentation fault.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227127 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29202
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by lack of validation in the tf.ragged.constant implementation. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227152 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29194
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper validation of user-supplied input by the tf.raw_ops.DeleteSessionTensor component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227074 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29201
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by missing validation in the tf.raw_ops.QuantizedConv2D implementation. A local authenticated attacker could exploit this vulnerability to cause undefined behavior.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227153 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29196
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper validation of user-supplied input by the tf.raw_ops.Conv3DBackpropFilterV2 component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227072 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29200
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper validation of user-supplied input by the tf.raw_ops.LSTMBlockCell component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227068 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29199
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper validation of user-supplied input by the tf.raw_ops.LoadAndRemapMatrix component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227069 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29195
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper validation of user-supplied input by the tf.raw_ops.StagePeek component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227073 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29204
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by missing validation in the tf.raw_ops.UnsortedSegmentJoin implementation. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227150 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29191
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper validation of user-supplied input by the tf.raw_ops.GetSessionTensor component. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227077 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29211
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by improper input validation in the tf.histogram_fixed_width implementation when the values array contains NaN elements. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227112 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2022-29205
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by a NULL pointer dereference in ParseDimensionValue in the py_value argument. By calling tf.compat.v1. ops which do not support quantized types, a local authenticated attacker could exploit this vulnerability to cause a segmentation fault.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/227130 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

**IBM X-Force ID:** 228293
**DESCRIPTION:** TensorFlow is vulnerable to a denial of service, caused by a CHECK-failure (assertion failure) in the implementation of depthwise ops. By sending a specially-crafted request to overflow the number of elements in a tensor, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/228293 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

| Affected Product(s) | Version(s) |
| --- | --- |
| Watson Discovery | 4.0.0-4.0.9 |

Remediation/Fixes

Upgrade to IBM Watson Discovery 4.5.0

<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>

Workarounds and Mitigations

None

Affected configurations

Vulners node: ibm watson_discovery Match 4.0.0 OR ibm watson_discovery Match 4.0.9
