Undefined behavior when users supply invalid resource handles

Impact Multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid: python import tensorflow as tf tf.rawops.QueueIsClosedV2handle= python import tensorflow as tf tf.summary.flushwriter= In graph mode, it would have been impossible to perform these...

Missing validation results in undefined behavior in `SparseTensorDenseAdd

Impact The implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments: python import tensorflow as tf aindices = tf.constant0, shape=17, 2, dtype=tf.int64 avalues = tf.constant, shape=0, dtype=tf.float32 ashape = tf.constant6, 12, shape=2, dtype=tf.int64 b =...

Integer overflow in `SpaceToBatchND`

Impact The implementation of tf.rawops.SpaceToBatchND in all backends such as XLA and handwritten kernels is vulnerable to an integer overflow: python import tensorflow as tf input = tf.constant-3.5e+35, shape=10,19,22, dtype=tf.float32 blockshape = tf.constant-1879048192, shape=2, dtype=tf.int64...

Missing validation causes denial of service via `LoadAndRemapMatrix`

Impact The implementation of tf.rawops.LoadAndRemapMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf ckptpath = tf.constant...

Missing validation causes denial of service via `StagePeek`

Impact The implementation of tf.rawops.StagePeek does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf index = tf.constant, shape=0, dtype=tf.int32 tf.rawops.StagePeekindex=index,...

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution in the gitserver service. An administrator who is able to edit or add a Gitolite code host and has administrative access to Sourcegraph’s bundled Grafana instance can change this command arbitrarily and run it...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a memory leak in VFRRT.cpp. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other vulnerabilities, DoS...

Twisted SSH client and server deny of service during SSH handshake.

Impact The Twisted SSH client and server implementation naively accepted an infinite amount of data for the peer's SSH version identifier. A malicious peer can trivially craft a request that uses all available memory and crash the server, resulting in denial of service. The attack is as simple as...

Use of Externally-Controlled Format String in wire-avs

Impact A remote format string vulnerability allowed an attacker to cause a denial of service or possibly execute arbitrary code. Patches The issue has been fixed in wire-avs 7.1.12 and is already included on all Wire products currently used version is 8.0.x Workarounds No workaround known...

CVE-2022-21705 Authenticated remote code execution in octobercms

Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass cms.safemode /...

`CHECK`-failures in `TensorByteSize` in Tensorflow

Impact A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. cc int64t TensorByteSizeconst TensorProto& t // numelements returns -1 if shape is not fully defined. int64t numelems = TensorShapet.tensorshape.numelements; retur...

`CHECK`-failures during Grappler's `SafeToRemoveIdentity` in Tensorflow

Impact The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a SavedModel such that SafeToRemoveIdentity would trigger CHECK failures. Patches We have patched the issue in GitHub commit 92dba16749fae36c246bec3f9ba474d9ddeb7662. The fix will be included in...

Memory leak in Tensorflow

Impact If a graph node is invalid, TensorFlow can leak memory in the implementation of ImmutableExecutorState::Initialize: cc Status s = params.createkerneln-properties, &item-kernel; if !s.ok item-kernel = nullptr; s = AttachDefs, n; return s; Here, we set item-kernel to nullptr but it is a simp...

Integer overflow in Tensorflow

Impact The implementation of OpLevelCostEstimator::CalculateTensorSize is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements: cc int64t OpLevelCostEstimator::CalculateTensorSize const OpInfo::TensorProperties&...

`CHECK`-failures in Tensorflow

Impact The implementation of MapStage is vulnerable a CHECK-fail if the key tensor is not a scalar: python import tensorflow as tf import numpy as np tf.rawops.MapStage key = tf.constantvalue=4, shape= 1,2, dtype=tf.int64, indices = np.array6, values = np.array-60, dtypes = tf.int64, capacity=0,...

Type confusion leading to segfault in Tensorflow

Impact The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion: python import tensorflow as tf @tf.function def test: y = tf.rawops.ConcatV2 values=1,2,3,4,5,6, axis = 0xb500005b return y test The axis argument...

Overflow and uncaught divide by zero in Tensorflow

Impact The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug: python import tensorflow as tf tf.rawops.UnravelIndexindices=-0x100000,dims=0x100000,0x100000 Patches We have patched the issue in GitHub commit 58b34c6c8250983948b5a781b426f6aa01fd47a...

Integer overflow in Tensorflow

Impact The implementation of Range suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. Patches We have patched the issue in GitHub commit f0147751fd5d2ff23251149ebad9af9f03010732 merging 51733. The fix will be included in...

Out of bounds write in TFLite

Impact An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions. Patches We have patched t...

Integer overflow in TFLite array creation

Impact An attacker can craft a TFLite model that would cause an integer overflow in TfLiteIntArrayCreate: cc TfLiteIntArray TfLiteIntArrayCreateint size int allocsize = TfLiteIntArrayGetSizeInBytessize; // ... TfLiteIntArray ret = TfLiteIntArraymallocallocsize; // ... The...