TensorFlow has null dereference on ParallelConcat with XLA

Impact When running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. python import tensorflow as tf func = tf.rawops.ParallelConcat para = 'shape': 0, 'values': 1 @tf.functionjitcompile=True def test: y =...

a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +607 more potentially affected by CVE-2023-25801 via tensorflow (>=1.0.1 <=2.11.0rc2)

tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =1.1.0, =0.0.1, =0.2.0, =0.3.1, =0.5.1 and more Source cves: CVE-2023-25801 Source advisory: OSV:GHSA-F49C-87JH-G47Q...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +80 more potentially affected by CVE-2023-25801 via tensorflow-gpu (>=1.10.1 <=2.0.4)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.2, =0.6.7, =0.1.2, =0.1.0, =0.1.2 - dragonn =0.4.2 and more Source cves: CVE-2023-25801 Source advisory: OSV:GHSA-F49C-87JH-G47Q...

cifar-10-model (=7.4.0), gamornet-cpu (>=0.2.3 <=0.4.3) +8 more potentially affected by CVE-2023-25801 via tensorflow-cpu (>=1.15.0 <=2.11.0)

tensorflow-cpu PYPI version =1.15.0, =0.2.3, =0.0.5, =1.0.0, =1.8.2, =0.1.3, =0.3.0.dev221212, =0.7.0, =0.7.5 Source cves: CVE-2023-25801 Source advisory: OSV:GHSA-F49C-87JH-G47Q...

GHSA-F49C-87JH-G47Q TensorFlow has double free in Fractional(Max/Avg)Pool

Impact nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported. python import tensorflow as tf import os import numpy as np from...

TensorFlow has double free in Fractional(Max/Avg)Pool

Impact nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported. python import tensorflow as tf import os import numpy as np from...

cifar-10-model (=7.4.0), gamornet-cpu (>=0.2.3 <=0.4.3) +8 more potentially affected by CVE-2023-27579 via tensorflow-cpu (>=1.15.0 <=2.11.0)

tensorflow-cpu PYPI version =1.15.0, =0.2.3, =0.0.5, =1.0.0, =1.8.2, =0.1.3, =0.3.0.dev221212, =0.7.0, =0.7.5 Source cves: CVE-2023-27579 Source advisory: OSV:GHSA-5W96-866F-6RM8...

GHSA-5W96-866F-6RM8 TensorFlow has Floating Point Exception in TFLite in conv kernel

Impact Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. Patches We have patched the issue in GitHub commit 34f8368c535253f5c9cb3a303297743b62442aaa. The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1. Fo...

a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +607 more potentially affected by CVE-2023-27579 via tensorflow (>=1.0.1 <=2.11.0rc2)

tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =1.1.0, =0.0.1, =0.2.0, =0.3.1, =0.5.1 and more Source cves: CVE-2023-27579 Source advisory: OSV:GHSA-5W96-866F-6RM8...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +80 more potentially affected by CVE-2023-27579 via tensorflow-gpu (>=1.10.1 <=2.0.4)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.2, =0.6.7, =0.1.2, =0.1.0, =0.1.2 - dragonn =0.4.2 and more Source cves: CVE-2023-27579 Source advisory: OSV:GHSA-5W96-866F-6RM8...

TensorFlow has Floating Point Exception in TFLite in conv kernel

Impact Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. Patches We have patched the issue in GitHub commit 34f8368c535253f5c9cb3a303297743b62442aaa. The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1. Fo...

cifar-10-model (=7.4.0), gamornet-cpu (>=0.2.3 <=0.4.3) +8 more potentially affected by CVE-2023-25658 via tensorflow-cpu (>=1.15.0 <=2.11.0)

tensorflow-cpu PYPI version =1.15.0, =0.2.3, =0.0.5, =1.0.0, =1.8.2, =0.1.3, =0.3.0.dev221212, =0.7.0, =0.7.5 Source cves: CVE-2023-25658 Source advisory: OSV:GHSA-68V3-G9CM-RMM6...

TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad

Impact Out of bounds read in GRUBlockCellGrad python func = tf.rawops.GRUBlockCellGrad para = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1, 0.2 , dtype=float32, 'bc': 0x41414141, 'r': array0.3...

a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +607 more potentially affected by CVE-2023-25658 via tensorflow (>=1.0.1 <=2.11.0rc2)

tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =1.1.2, =0.0.1, =0.3.26, =1.1.0, =0.0.1, =0.2.0, =0.3.1, =0.5.1 and more Source cves: CVE-2023-25658 Source advisory: OSV:GHSA-68V3-G9CM-RMM6...

arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +80 more potentially affected by CVE-2023-25658 via tensorflow-gpu (>=1.10.1 <=2.0.4)

tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.2, =0.6.7, =0.1.2, =0.1.0, =0.1.2 - dragonn =0.4.2 and more Source cves: CVE-2023-25658 Source advisory: OSV:GHSA-68V3-G9CM-RMM6...

GHSA-68V3-G9CM-RMM6 TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad

Impact Out of bounds read in GRUBlockCellGrad python func = tf.rawops.GRUBlockCellGrad para = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1, 0.2 , dtype=float32, 'bc': 0x41414141, 'r': array0.3...

PT-2023-20227 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.12.0 and 2.11.1 Description: The issue is related to a floating point exception in the AudioSpectrogram function. The exception occurs when the stride is set to 0. This can be exploited by passing a stride value...

PT-2023-21221 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.12 TensorFlow version 2.11.1 and earlier Description: Constructing a tflite model with a parameter filter input channel of less than 1 gives a Floating Point Exception FPE. This issue affects TensorFlow, an...

PT-2023-20236 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.12.0 and 2.11.1 Description: The issue is a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1. The error can be triggered by using the tf.raw ops.RandomShuff...

PT-2023-20228 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.12.0 and 2.11.1 Description: Integer overflow occurs when 2^31 = num frames height width channels 2^32, for example, a Full HD screencast of at least 346 frames. This issue is related to the tf.io.decode gif...