TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap. The fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
{"osv": [{"lastseen": "2022-05-11T21:44:15", "description": "TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap. The fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-05-14T20:15:00", "type": "osv", "title": "PYSEC-2021-250", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-29613"], "modified": "2021-08-27T03:22:41", "id": "OSV:PYSEC-2021-250", "href": "https://osv.dev/vulnerability/PYSEC-2021-250", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2022-05-11T21:30:48", "description": "TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap. The fix will be included in TensorFlow 2.5.0. 
We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-05-14T20:15:00", "type": "osv", "title": "PYSEC-2021-541", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-29613"], "modified": "2021-12-09T06:35:00", "id": "OSV:PYSEC-2021-541", "href": "https://osv.dev/vulnerability/PYSEC-2021-541", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2022-08-15T08:45:08", "description": "### Impact \nIncomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap:\n\n```python\nimport tensorflow as tf\n\ninputs = tf.constant([], shape=[10, 16, 0], dtype=tf.float32)\nlabels_indices = tf.constant([], shape=[8, 0], dtype=tf.int64)\nlabels_values = tf.constant([-100] * 8, shape=[8], dtype=tf.int32)\nsequence_length = tf.constant([-100] * 16, shape=[16], dtype=tf.int32)\n \ntf.raw_ops.CTCLoss(inputs=inputs, labels_indices=labels_indices,\n labels_values=labels_values, 
sequence_length=sequence_length,\n preprocess_collapse_repeated=True, ctc_merge_repeated=False,\n ignore_longer_outputs_than_inputs=True)\n``` \n \nAn attacker can also trigger a heap buffer overflow:\n\n```python\nimport tensorflow as tf\n\ninputs = tf.constant([], shape=[7, 2, 0], dtype=tf.float32)\nlabels_indices = tf.constant([-100, -100], shape=[2, 1], dtype=tf.int64)\nlabels_values = tf.constant([-100, -100], shape=[2], dtype=tf.int32)\nsequence_length = tf.constant([-100, -100], shape=[2], dtype=tf.int32)\n\ntf.raw_ops.CTCLoss(inputs=inputs, labels_indices=labels_indices,\n labels_values=labels_values, sequence_length=sequence_length,\n preprocess_collapse_repeated=False, ctc_merge_repeated=False,\n ignore_longer_outputs_than_inputs=False)\n```\n\nFinally, an attacker can trigger a null pointer dereference:\n\n```python \nimport tensorflow as tf\n\ninputs = tf.constant([], shape=[0, 2, 11], dtype=tf.float32)\nlabels_indices = tf.constant([], shape=[0, 2], dtype=tf.int64)\nlabels_values = tf.constant([], shape=[0], dtype=tf.int32)\nsequence_length = tf.constant([-100, -100], shape=[2], dtype=tf.int32)\n\ntf.raw_ops.CTCLoss(inputs=inputs, labels_indices=labels_indices,\n labels_values=labels_values, sequence_length=sequence_length,\n preprocess_collapse_repeated=False, ctc_merge_repeated=False,\n ignore_longer_outputs_than_inputs=False)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [14607c0707040d775e06b6817325640cb4b5864c](https://github.com/tensorflow/tensorflow/commit/14607c0707040d775e06b6817325640cb4b5864c) followed by GitHub commit [4504a081af71514bb1828048363e6540f797005b](https://github.com/tensorflow/tensorflow/commit/4504a081af71514bb1828048363e6540f797005b).\n\nThe fix will be included in TensorFlow 2.5.0. 
We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-05-21T14:28:39", "type": "osv", "title": "Incomplete validation in `tf.raw_ops.CTCLoss`", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-29613"], "modified": "2022-08-15T08:45:04", "id": "OSV:GHSA-VVG4-VGRV-XFR7", "href": "https://osv.dev/vulnerability/GHSA-vvg4-vgrv-xfr7", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}], "github": [{"lastseen": "2022-08-13T05:00:11", "description": "### Impact \nIncomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap:\n\n```python\nimport tensorflow as 
tf\n\ninputs = tf.constant([], shape=[10, 16, 0], dtype=tf.float32)\nlabels_indices = tf.constant([], shape=[8, 0], dtype=tf.int64)\nlabels_values = tf.constant([-100] * 8, shape=[8], dtype=tf.int32)\nsequence_length = tf.constant([-100] * 16, shape=[16], dtype=tf.int32)\n \ntf.raw_ops.CTCLoss(inputs=inputs, labels_indices=labels_indices,\n labels_values=labels_values, sequence_length=sequence_length,\n preprocess_collapse_repeated=True, ctc_merge_repeated=False,\n ignore_longer_outputs_than_inputs=True)\n``` \n \nAn attacker can also trigger a heap buffer overflow:\n\n```python\nimport tensorflow as tf\n\ninputs = tf.constant([], shape=[7, 2, 0], dtype=tf.float32)\nlabels_indices = tf.constant([-100, -100], shape=[2, 1], dtype=tf.int64)\nlabels_values = tf.constant([-100, -100], shape=[2], dtype=tf.int32)\nsequence_length = tf.constant([-100, -100], shape=[2], dtype=tf.int32)\n\ntf.raw_ops.CTCLoss(inputs=inputs, labels_indices=labels_indices,\n labels_values=labels_values, sequence_length=sequence_length,\n preprocess_collapse_repeated=False, ctc_merge_repeated=False,\n ignore_longer_outputs_than_inputs=False)\n```\n\nFinally, an attacker can trigger a null pointer dereference:\n\n```python \nimport tensorflow as tf\n\ninputs = tf.constant([], shape=[0, 2, 11], dtype=tf.float32)\nlabels_indices = tf.constant([], shape=[0, 2], dtype=tf.int64)\nlabels_values = tf.constant([], shape=[0], dtype=tf.int32)\nsequence_length = tf.constant([-100, -100], shape=[2], dtype=tf.int32)\n\ntf.raw_ops.CTCLoss(inputs=inputs, labels_indices=labels_indices,\n labels_values=labels_values, sequence_length=sequence_length,\n preprocess_collapse_repeated=False, ctc_merge_repeated=False,\n ignore_longer_outputs_than_inputs=False)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [14607c0707040d775e06b6817325640cb4b5864c](https://github.com/tensorflow/tensorflow/commit/14607c0707040d775e06b6817325640cb4b5864c) followed by GitHub commit 
[4504a081af71514bb1828048363e6540f797005b](https://github.com/tensorflow/tensorflow/commit/4504a081af71514bb1828048363e6540f797005b).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-05-21T14:28:39", "type": "github", "title": "Incomplete validation in `tf.raw_ops.CTCLoss`", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-29613"], "modified": "2022-08-13T03:06:16", "id": "GHSA-VVG4-VGRV-XFR7", "href": "https://github.com/advisories/GHSA-vvg4-vgrv-xfr7", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}], "cve": [{"lastseen": 
"2022-03-23T17:02:24", "description": "TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap. The fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-05-14T20:15:00", "type": "cve", "title": "CVE-2021-29613", "cwe": ["CWE-665"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-29613"], "modified": "2021-05-18T18:38:00", "cpe": [], "id": "CVE-2021-29613", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-29613", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}, "cpe23": []}], "ibm": [{"lastseen": "2022-08-04T12:51:15", "description": "## Summary\n\nTensorFlow is vulnerable to a denial of service on IBM Watson Machine Learning on CP4D\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-29608](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29608>) 
\n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap out-of-bounds and NULL pointer dereference flaw in \"RaggedTensorToTensor\". By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2021-29585](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29585>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in padding computation in TFLite. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201878](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201878>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29549](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29549>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a division by zero flaw in tf.raw_ops.QuantizedAdd. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201933](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201933>) for the current score. 
\nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29575](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29575>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a stack-based buffer overflow in the implementation of tf.raw_ops.ReverseSequence. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201951](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201951>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29589](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29589>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in TFLite's implementation of `GatherNd`. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201871](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201871>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29593](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29593>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in TFLite's implementation of `BatchToSpaceNd`. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201899](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201899>) for the current score. 
\nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29571](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29571>) \n** DESCRIPTION: **TensorFlow could allow a local authenticated attacker to execute arbitrary code on the system, caused by a memory corruption flaw in the implementation of tf.raw_ops.DrawBoundingBoxesV2. By using a specially-crafted model, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 4.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201947](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201947>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-29616](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29616>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the implementation of TrySimplify. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201866](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201866>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29597](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29597>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in TFLite's implementation of `SpaceToBatchNd `. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201895](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201895>) for the current score. 
\nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29557](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29557>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a division by zero flaw in tf.raw_ops.SparseMatMul. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201941](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201941>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29603](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29603>) \n** DESCRIPTION: **TensorFlow could allow a local authenticated attacker to cause a denial of service, caused by an out-of-bounds write flaw on heap in the TFLite implementation of ArgMin/ArgMax. By using a specially-crafted model, an attacker could exploit this vulnerability to cause a denial of service condition on the system. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201853](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201853>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29612](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29612>) \n** DESCRIPTION: **TensorFlow is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the Eigen implementation of tf.raw_ops.BandedTriangularSolve. By using a specially-crafted model, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system. 
\nCVSS Base score: 3.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201862](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201862>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2021-29581](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29581>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a segfault in `CTCBeamSearchDecoder`. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201885](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201885>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29553](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29553>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap out-of-bounds read flaw in tf.raw_ops.QuantizeAndDequantizeV3. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201937](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201937>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29579](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29579>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the implementation of tf.raw_ops.MaxPoolGrad. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201955](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201955>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29615](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29615>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a stack overflow due to recursion. By using a specially-crafted input, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201865](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201865>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29598](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29598>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in TFLite's implementation of `SVDF `. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201893](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201893>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29556](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29556>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a division by zero flaw in tf.raw_ops.Reverse. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201940](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201940>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29602](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29602>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a division by zero flaw in TFLite's implementation of \"DepthwiseConv\". By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201852](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201852>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29611](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29611>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by improper validation in the SparseReshape results. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201861](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201861>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2021-29582](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29582>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in tf.raw_ops.Dequantize. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and cause a denial of service. 
\nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201883](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201883>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29552](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29552>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a `CHECK`-failure in UnsortedSegmentJoin. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201936](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201936>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29578](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29578>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the implementation of tf.raw_ops.FractionalAvgPoolGrad. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201954](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201954>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29607](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29607>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by improper validation in SparseAdd results. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201857](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201857>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2021-29586](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29586>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in optimized pooling implementations in TFLite. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29590](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29590>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in TFLite's implementation of `Minimum` or `Maximum`. By crafting a model, a local authenticated attacker could overflow a buffer and cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29574](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29574>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the implementation of tf.raw_ops.MaxPool3DGradGrad. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201950](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201950>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29619](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29619>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by improper input validation in tf.raw_ops.SparseCountSparseOutput. By using a specially-crafted input, a local authenticated attacker could exploit this vulnerability to cause a segfault. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201869](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201869>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29594](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29594>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in TFLite's convolution code. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201898](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201898>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29570](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29570>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap out-of-bounds read flaw in tf.raw_ops.MaxPoolGradWithArgmax. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201946](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201946>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29606](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29606>) \n** DESCRIPTION: **TensorFlow could allow a local authenticated attacker to obtain sensitive information, caused by an out-of-bounds read flaw on heap in the TFLite implementation. By using a specially-crafted model, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201856](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201856>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2021-29587](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29587>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in TFLite's implementation of `SpaceToDepth`. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201873](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201873>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29591](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29591>) \n** DESCRIPTION: **TensorFlow is vulnerable to a stack-based buffer overflow, caused by an infinite loop during evaluation. By crafting a model, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. 
\nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H) \n \n** CVEID: **[CVE-2021-29573](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29573>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a division by zero flaw in the implementation of tf.raw_ops.MaxPoolGradWithArgmax. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201949](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201949>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29618](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29618>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by improper input validation in tf.transpose. By using a specially-crafted input, a local authenticated attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201868](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201868>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29595](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29595>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in TFLite's implementation of `DepthToSpace`. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. 
\nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201897](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201897>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29569](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29569>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap out-of-bounds read flaw in tf.raw_ops.RequantizationRange. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201945](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201945>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29614](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29614>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a flaw in the implementation of tf.io.decode_raw. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause the interpreter to crash. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201864](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201864>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2021-29599](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29599>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in TFLite's implementation of `Split`. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. 
\nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201892](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201892>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29555](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29555>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a division by zero flaw in tf.raw_ops.FusedBatchNorm. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201939](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201939>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29601](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29601>) \n** DESCRIPTION: **TensorFlow could allow a local authenticated attacker to execute arbitrary code on the system, caused by an integer overflow in the TFLite's implementation of concatenation. By using a specially-crafted model, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201851](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201851>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2021-29610](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29610>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by improper validation in tf.raw_ops.QuantizeAndDequantizeV2. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base score: 3.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201860](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201860>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2021-29583](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29583>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the implementation of `tf.raw_ops.FusedBatchNorm`. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201880](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201880>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29551](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29551>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by an out-of-bounds read flaw in the implementation of MatrixTriangularSolve. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201935](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201935>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29577](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29577>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the implementation of tf.raw_ops.AvgPool3DGrad. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201953](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201953>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29604](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29604>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a division by zero flaw in TFLite's implementation of hashtable lookup. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201854](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201854>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29613](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29613>) \n** DESCRIPTION: **TensorFlow could allow a local authenticated attacker to obtain sensitive information, caused by an out-of-bounds read flaw due to incomplete validation in tf.raw_ops.CTCLoss. By using a specially-crafted model, an attacker could exploit this vulnerability to obtain sensitive information, or cause a denial of service condition. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201863](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201863>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2021-29580](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29580>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by undefined behavior in the implementation of 'tf.raw_ops.FractionalMaxPoolGrad'. 
By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201887](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201887>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29554](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29554>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a division by zero flaw in tf.raw_ops.DenseCountSparseOutput. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201938](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201938>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29600](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29600>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a division by zero flaw in TFLite's implementation of \"OneHot\". By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201850](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201850>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29609](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29609>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by improper validation in the SparseAdd results. 
By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201859](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201859>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2021-29584](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29584>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by an integer overflow in constructing a new tensor shape. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201879](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201879>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29550](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29550>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a division by zero flaw in tf.raw_ops.FractionalAvgPool. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201934](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201934>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29576](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29576>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in the implementation of tf.raw_ops.MaxPool3DGradGrad. 
By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201952](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201952>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29605](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29605>) \n** DESCRIPTION: **TensorFlow could allow a local authenticated attacker to execute arbitrary code on the system, caused by an integer overflow in the TFLite code for allocating TFLiteIntArray. By using a specially-crafted model, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201855](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201855>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2021-29588](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29588>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in TFLite's implementation of `TransposeConv`. By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201872](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201872>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29592](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29592>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a NULL pointer dereference in TFLite's `Reshape` operator. 
By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201900](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201900>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29572](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29572>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the implementation of tf.raw_ops.SdcaOptimizer. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201948](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201948>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29617](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29617>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a CHECK-fail in tf.strings.substr. By using specially-crafted arguments, a local authenticated attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201867](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201867>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29596](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29596>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by division by zero in TFLite's implementation of `EmbeddingLookup`. 
By crafting a model, a local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201896](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201896>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-29558](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29558>) \n** DESCRIPTION: **TensorFlow is vulnerable to a denial of service, caused by a heap-based buffer overflow in tf.raw_ops.SparseSplit. By using a specially-crafted model, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201942](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201942>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Watson Machine Learning on CP4D| 2.5,3.0,3.5,4.0 \n \n\n\n## Remediation/Fixes\n\nFix is available on IBM Watson Machine Learning on CP4D 4.0.1 \nSee : <https://www.ibm.com/support/producthub/icpdata/docs/content/SSQNUZ_latest/cpd/overview/whats-new.html#whats-new>\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product 
Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n02 Sep 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. 
Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSCNDT\",\"label\":\"IBM Watson Machine Learning\"},\"Component\":\"WML\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF040\",\"label\":\"RedHat OpenShift\"}],\"Version\":\"4.0.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-02T18:04:11", "type": "ibm", "title": "Security Bulletin: Multiple TensorFlow Vulnerabilities Affect IBM Watson Machine Learning on CP4D", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-29549", "CVE-2021-29550", "CVE-2021-29551", "CVE-2021-29552", "CVE-2021-29553", "CVE-2021-29554", "CVE-2021-29555", "CVE-2021-29556", "CVE-2021-29557", "CVE-2021-29558", "CVE-2021-29569", "CVE-2021-29570", "CVE-2021-29571", "CVE-2021-29572", 
"CVE-2021-29573", "CVE-2021-29574", "CVE-2021-29575", "CVE-2021-29576", "CVE-2021-29577", "CVE-2021-29578", "CVE-2021-29579", "CVE-2021-29580", "CVE-2021-29581", "CVE-2021-29582", "CVE-2021-29583", "CVE-2021-29584", "CVE-2021-29585", "CVE-2021-29586", "CVE-2021-29587", "CVE-2021-29588", "CVE-2021-29589", "CVE-2021-29590", "CVE-2021-29591", "CVE-2021-29592", "CVE-2021-29593", "CVE-2021-29594", "CVE-2021-29595", "CVE-2021-29596", "CVE-2021-29597", "CVE-2021-29598", "CVE-2021-29599", "CVE-2021-29600", "CVE-2021-29601", "CVE-2021-29602", "CVE-2021-29603", "CVE-2021-29604", "CVE-2021-29605", "CVE-2021-29606", "CVE-2021-29607", "CVE-2021-29608", "CVE-2021-29609", "CVE-2021-29610", "CVE-2021-29611", "CVE-2021-29612", "CVE-2021-29613", "CVE-2021-29614", "CVE-2021-29615", "CVE-2021-29616", "CVE-2021-29617", "CVE-2021-29618", "CVE-2021-29619"], "modified": "2021-09-02T18:04:11", "id": "462379CDFB08720C8CEB242CA5532298703C49FC4ED27C24C207970EC0478A53", "href": "https://www.ibm.com/support/pages/node/6486007", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}]}