PT-2021-21764 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0; TensorFlow versions 2.5.1 and earlier; TensorFlow versions 2.4.3 and earlier; TensorFlow versions 2.3.4 and earlier. Description: The code for tf.raw_ops.UncompressElement can be made to trigger a null pointer...
PT-2021-21791 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0; TensorFlow versions 2.5.1 and earlier; TensorFlow versions 2.4.3 and earlier; TensorFlow versions 2.3.4 and earlier. Description: An attacker can trigger a denial of service via a CHECK-fail in tf.raw...
PT-2021-21753 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0; TensorFlow version 2.5.1; TensorFlow version 2.4.3; TensorFlow version 2.3.4. Description: The issue arises when sending an invalid argument for row partition types of the tf.raw_ops.RaggedTensorToTensor API,...
Google TensorFlow code issue vulnerability (CNVD-2021-46661)
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in TensorFlow 2.4.2, 2.3.3, 2.2.3, and 2.1.4 that stems from not verifying that a tensor is non-null. No detailed vulnerability details are provided at this time...
GHSA-RGVQ-PCVF-HX75 Heap OOB and null pointer dereference in `RaggedTensorToTensor`
Impact Due to lack of validation in tf.rawops.RaggedTensorToTensor, an attacker can exploit an undefined behavior if input arguments are empty: python import tensorflow as tf shape = tf.constant-1, -1, shape=2, dtype=tf.int64 values = tf.constant, shape=0, dtype=tf.int64 defaultvalue =...
GHSA-H4PC-GX2W-F2XV Heap OOB read in TFLite
Impact A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of SplitV: `const int input_size = SizeOfDimension(input, axis_value);` If `axis_value` is not a value between 0 and `NumDimensions(input)`, then the `SizeOfDimension` function will access data outside the...
GHSA-9C84-4HX6-XMM4 Integer overflow in TFLite concatenation
Impact The TFLite implementation of concatenation is vulnerable to an integer overflow issue: `for (int d = 0; d < t->dims->size; ++d) { if (d == axis) { sum_axis += t->dims->data[axis]; } else { TF_LITE_ENSURE_EQ(context, t->dims->data[d], t0->dims->data[d]); } }` An attacker can craft a model such that the dimensions of one of the...
GHSA-JJR8-M8G8-P6WV Null pointer dereference in TFLite's `Reshape` operator
Impact The fix for CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the vulnerability allowed passing a null-buffer-backed tensor with a 1D shape: cc if tensor-data.raw == nullptr && tensor-bytes 0 if...
Heap OOB read in TFLite's implementation of `Minimum` or `Maximum`
Impact The implementations of the Minimum and Maximum TFLite operators can be used to read data outside of bounds of heap allocated objects, if any of the two input tensor arguments are empty. This is because the broadcasting implementation indexes in both tensors with the same index but does not...
GHSA-XVJM-FVXX-Q3HV CHECK-fail due to integer overflow
Impact An attacker can trigger a denial of service via a CHECK-fail caused by an integer overflow in constructing a new tensor shape: python import tensorflow as tf inputlayer = 260-1 sparsedata = tf.raw_ops.SparseSplit splitdim=1, indices=0, 0, 0, 1, 0, 2, 4, 3, 5, 0, 5, 1, values=1.0, 1.0, 1....
Heap buffer overflow in `AvgPool3DGrad`
Impact The implementation of tf.rawops.AvgPool3DGrad is vulnerable to a heap buffer overflow: python import tensorflow as tf originputshape = tf.constant10, 6, 3, 7, 7, shape=5, dtype=tf.int32 grad = tf.constant0.01, 0, 0, shape=3, 1, 1, 1, 1, dtype=tf.float32 ksize = 1, 1, 1, 1, 1 strides = 1, 1...
GHSA-8GV3-57P6-G35R Heap buffer overflow in `RaggedTensorToTensor`
Impact An attacker can cause a heap buffer overflow in tf.rawops.RaggedTensorToTensor: python import tensorflow as tf shape = tf.constant10, 10, shape=2, dtype=tf.int64 values = tf.constant0, shape=1, dtype=tf.int64 defaultvalue = tf.constant0, dtype=tf.int64 l = 849, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0...
GHSA-JHQ9-WM9M-CF89 CHECK-failure in `UnsortedSegmentJoin`
Impact An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin: python import tensorflow as tf inputs = tf.constant, dtype=tf.string segmentids = tf.constant, dtype=tf.int32 numsegments = tf.constant, dtype=tf.int32 separator = ''...
GHSA-HMG3-C7XJ-6QWM Heap buffer overflow in `SparseTensorToCSRSparseMatrix`
Impact An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices: python import tensorflow as tf import numpy as np from tensorflow.python.ops.linalg.sparse import sparsecsrmatrixops indicesarray = np.array0, 0 valuearray = np.array0.0,...
GHSA-84MW-34W6-2Q43 Null pointer dereference via invalid Ragged Tensors
Impact Calling tf.rawops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference: python import tensorflow as tf inputtensor = tf.constant, shape=0, 0, 0, 0, 0, dtype=tf.float32 filtertensor = tf.constant, shape=0, 0, 0, 0, 0, dtype=tf.float3...
GHSA-452G-F7FP-9JF7 Type confusion during tensor casts leads to dereferencing null pointers
Impact Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors results in null pointer dereferences. There are multiple ways to reproduce this, listing a few examples here: python import tensorflow as tf import numpy as np data =...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. An attacker may exploit the vulnerability by inputting a crafted x tensor which may cause an FPE runtime error in tf.raw_ops.FusedBatchNorm...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. A NULL pointer dereference occurs in MatrixDiag ops as the implementation does not validate that the tensor arguments are non-empty...
CVE-2021-29592
TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209 (https://vulners.com/cve/CVE-2020-15209) missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...
CVE-2021-29521
TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in tf.raw_ops.SparseCountSparseOutput results in a segmentation fault being thrown out from the standard library as std::vector invariants are broken. This is because the...