1314 matches found
Google TensorFlow Input Validation Error Vulnerability
Google TensorFlow is an end-to-end open source platform for machine learning from Google. Google TensorFlow suffers from an input validation error vulnerability, which stems from the fact that implementations of dequantized shape inference are vulnerable to integer overflow weaknesses, whi...
PT-2022-15071 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0; TensorFlow versions 2.7.1 and earlier; TensorFlow versions 2.6.3 and earlier; TensorFlow versions 2.5.3 and earlier. Description: The implementation of shape inference for ConcatV2 can be used to trigger a deni...
PT-2022-15066 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0; TensorFlow versions 2.7.1 and earlier; TensorFlow versions 2.6.3 and earlier; TensorFlow versions 2.5.3 and earlier. Description: The implementation of shape inference for Dequantize is vulnerable to an integer...
Being Naughty to See Who Was Nice: Machine Learning Attacks on Santa’s List
Editor’s note: We had planned to publish our Hacky Holidays blog series throughout December 2021 – but then Log4Shell happened, and we dropped everything to focus on this major vulnerability that impacted the entire cybersecurity community worldwide. Now that it’s 2022, we’re feeling in need of...
Google TensorFlow Buffer Overflow Vulnerability (CNVD-2022-09870)
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A buffer overflow vulnerability exists in Google TensorFlow, which stems from undefined behavior of the shape inference code of "tf.ragged.cross" due to a bound reference to "nullptr" in the...
GHSA-49RX-X2RW-PC6F Heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
Impact: The shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of heap allocated array as illustrated in the following sets of PoCs:

```python
import tensorflow as tf

@tf.function
def test():
  data=tf.raw_ops.QuantizeAndDequantizeV4Grad...
```
Heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
Impact: The shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of heap allocated array as illustrated in the following sets of PoCs:

```python
import tensorflow as tf

@tf.function
def test():
  data=tf.raw_ops.QuantizeAndDequantizeV4Grad...
```
GHSA-CVGX-3V3Q-M36C Heap OOB in shape inference for `QuantizeV2`
Impact: The shape inference code for `QuantizeV2` can trigger a read outside of bounds of heap allocated array:

```python
import tensorflow as tf

@tf.function
def test():
  data=tf.raw_ops.QuantizeV2(
    input=[1.0,1.0],
    min_range=[1.0,10.0],
    max_range=[1.0,10.0],
    T=tf.qint32,
    mode='MIN_COMBINED',
    round_mode='HALF_TO_EVEN'...
```
Heap OOB in shape inference for `QuantizeV2`
Impact: The shape inference code for `QuantizeV2` can trigger a read outside of bounds of heap allocated array:

```python
import tensorflow as tf

@tf.function
def test():
  data=tf.raw_ops.QuantizeV2(
    input=[1.0,1.0],
    min_range=[1.0,10.0],
    max_range=[1.0,10.0],
    T=tf.qint32,
    mode='MIN_COMBINED',
    round_mode='HALF_TO_EVEN'...
```
Reference binding to `nullptr` in `tf.ragged.cross`
Impact: The shape inference code for `tf.ragged.cross` has an undefined behavior due to binding a reference to `nullptr`. In the following scenario, this results in a crash:

```python
import tensorflow as tf

@tf.function
def test():
  y = tf.ragged.cross([tf.ragged.constant([['1']]),'2'])
  return y

test()
```

Patches: We have...
GHSA-X3V8-C8QX-3J3R Null pointer exception in `DeserializeSparse`
Impact: The shape inference code for `DeserializeSparse` can trigger a null pointer dereference:

```python
import tensorflow as tf

dataset = tf.data.Dataset.range(3)

@tf.function
def test():
  y = tf.raw_ops.DeserializeSparse(
    serialized_sparse=tf.data.experimental.to_variant(dataset),
    dtype=tf.int32)

test()
```

This is...
Null pointer exception in `DeserializeSparse`
Impact: The shape inference code for `DeserializeSparse` can trigger a null pointer dereference:

```python
import tensorflow as tf

dataset = tf.data.Dataset.range(3)

@tf.function
def test():
  y = tf.raw_ops.DeserializeSparse(
    serialized_sparse=tf.data.experimental.to_variant(dataset),
    dtype=tf.int32)

test()
```

This is...
GHSA-3FF2-R28G-W7H9 Heap buffer overflow in `Transpose`
Impact: The shape inference function for `Transpose` is vulnerable to a heap buffer overflow:

```python
import tensorflow as tf

@tf.function
def test():
  y = tf.raw_ops.Transpose(x=[1,2,3,4],perm=[-10])
  return y

test()
```

This occurs whenever `perm` contains negative elements. The shape inference function does not...
GHSA-CQV6-3PHM-HCWX Access to invalid memory during shape inference in `Cudnn*` ops
Impact: The shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow:

```python
import tensorflow as tf

@tf.function
def func():
  return tf.raw_ops.CudnnRNNV3(
    input=[0.1, 0.1],
    input_h=[0.5],
    input_c=[0.1, 0.1, 0.1],
    params=[0.5, 0.5],...
```
Access to invalid memory during shape inference in `Cudnn*` ops
Impact: The shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow:

```python
import tensorflow as tf

@tf.function
def func():
  return tf.raw_ops.CudnnRNNV3(
    input=[0.1, 0.1],
    input_h=[0.5],
    input_c=[0.1, 0.1, 0.1],
    params=[0.5, 0.5],...
```
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. The shape inference code for DeserializeSparse can trigger a null pointer dereference, allowing an attacker to cause an application crash...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. An attacker can crash the application through the shape inference code for tf.ragged.cross due to a read outside of bounds of the heap-allocated array...
Google TensorFlow buffer overflow vulnerability (CNVD-2021-87050)
Google TensorFlow is an end-to-end open source platform for machine learning from Google. Google TensorFlow is vulnerable to a buffer overflow vulnerability that stems from Transpose's shape inference function being vulnerable to a heap buffer overflow. No details of the vulnerability are...
Google TensorFlow numeric error vulnerability (CNVD-2021-88715)
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A numeric error vulnerability exists in versions of Google TensorFlow prior to 2.7.0, which stems from the fact that AllToAll in TensorFlow performs division by zero when inferring code. No details of t...
Google TensorFlow buffer overflow vulnerability (CNVD-2021-87033)
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A buffer overflow vulnerability exists in Google TensorFlow, which stems from the fact that shape inference code for Cudnn operations can be tricked into accessing invalid memory via a heap buffer...