BIT-tensorflow-2021-29519

2024-03-0611:20:01

Google

osv.dev

tensorflow

machine learning

api vulnerability

type confusion

data types

security patch

software

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.5%

JSON

TensorFlow is an end-to-end open source platform for machine learning. The API of tf.raw_ops.SparseCross allows combinations which would result in a CHECK-failure and denial of service. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/3d782b7d47b1bf2ed32bd4a246d6d6cadc4c903d/tensorflow/core/kernels/sparse_cross_op.cc#L114-L116) is tricked to consider a tensor of type tstring which in fact contains integral elements. Fixing the type confusion by preventing mixing DT_STRING and DT_INT64 types solves this issue. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CPENameOperatorVersion
tensorflowlt2.1.4
tensorflowlt2.4.2
tensorflowge2.3.0
tensorflowlt2.3.3
tensorflowge2.4.0
tensorflowge2.2.0
tensorflowlt2.2.3

Name	Operator	Version
tensorflow	lt	2.1.4
tensorflow	lt	2.4.2
tensorflow	ge	2.3.0
tensorflow	lt	2.3.3
tensorflow	ge	2.4.0
tensorflow	ge	2.2.0
tensorflow	lt	2.2.3

References

github.com/tensorflow/tensorflow/commit/b1cc5e5a50e7cee09f2c6eb48eb40ee9c4125025

github.com/tensorflow/tensorflow/security/advisories/GHSA-772j-h9xw-ffp5