EUVD-2021-0295

Malware in sbrugna...

BIT-TENSORFLOW-2021-29513 Type confusion during tensor casts lead to dereferencing null pointers

TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer dereferences. The conversion from Python array to C++...

BIT-TENSORFLOW-2021-29520 Heap buffer overflow in `Conv3DBackprop*`

TensorFlow is an end-to-end open source platform for machine learning. Missing validation between arguments to tf.rawops.Conv3DBackprop operations can result in heap buffer overflows. This is because the...

BIT-TENSORFLOW-2021-29554 Division by 0 in `DenseCountSparseOutput`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.DenseCountSparseOutput. This is because the...

BIT-TENSORFLOW-2021-29568 Reference binding to null in `ParameterizedTruncatedNormal`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in tf.rawops.ParameterizedTruncatedNormal. This is because the...

BIT-TENSORFLOW-2021-29570 Heap out of bounds read in `MaxPoolGradWithArgmax`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +94 more potentially affected by CVE-2021-37645 via tensorflow (>=2.4.0 <=2.4.2)

tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37645 Source advisory: OSV:PYSEC-2021-267...

Incomplete validation in `SparseReshape`

Impact Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. python import tensorflow as tf inputindices = tf.constant41, shape=1, 1, dtype=tf.int64 inputshape = tf.zeros11, dtype=tf.int64 newshape = tf.zeros1, dtype=tf.int64...

Division by zero in TFLite's convolution code

Impact TFLite's convolution code has multiple division where the divisor is controlled by the user and not checked to be non-zero. For example: cc const int inputsize = NumElementsinput / SizeOfDimensioninput, 0; Patches We have patched the issue in GitHub commit...

Reference binding to null in `ParameterizedTruncatedNormal`

Impact An attacker can trigger undefined behavior by binding to null pointer in tf.rawops.ParameterizedTruncatedNormal: python import tensorflow as tf shape = tf.constant, shape=0, dtype=tf.int32 means = tf.constant1, dtype=tf.float32 stdevs = tf.constant1, dtype=tf.float32 minvals = tf.constant1...

Heap buffer overflow in `StringNGrams`

Impact An attacker can cause a heap buffer overflow by passing crafted inputs to tf.rawops.StringNGrams: python import tensorflow as tf separator = b'\x02\x00' ngramwidths = 7, 6, 11 leftpad = b'\x7f\x7f\x7f\x7f\x7f' rightpad = b'\x7f\x7f\x25\x5d\x53\x74' padwidth = 50 preserveshortsequences = Tr...

Division by zero in `Conv2DBackpropFilter`

Impact An attacker can cause a division by zero to occur in Conv2DBackpropFilter: python import tensorflow as tf inputtensor = tf.constant, shape=0, 0, 0, 0, dtype=tf.float32 filtersizes = tf.constant0, 0, 0, 0, shape=4, dtype=tf.int32 outbackprop = tf.constant, shape=0, 0, 0, 0, dtype=tf.float32...

Heap out of bounds read in `RaggedCross`

Impact An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to tf.rawops.RaggedCross: python import tensorflow as tf raggedvalues = raggedrowsplits = sparseindices = sparsevalues = sparseshape = denseinputselem = tf.constant, shape=92, 0,...

Division by 0 in `Conv2DBackpropFilter`

Impact An attacker can trigger a division by 0 in tf.rawops.Conv2DBackpropFilter: python import tensorflow as tf inputtensor = tf.constant, shape=0, 0, 1, 0, dtype=tf.float32 filtersizes = tf.constant1, 1, 1, 1, shape=4, dtype=tf.int32 outbackprop = tf.constant, shape=0, 0, 1, 1, dtype=tf.float32...

CHECK-fail in SparseCross due to type confusion

Impact The API of tf.rawops.SparseCross allows combinations which would result in a CHECK-failure and denial of service: python import tensorflow as tf hashedoutput = False numbuckets = 1949315406 hashkey = 1869835877 outtype = tf.string internaltype = tf.string indices1 = tf.constant0, 6, shape=...

Null pointer dereference via invalid Ragged Tensors

Impact Calling tf.rawops.RaggedTensorToVariant with arguments specifying an invalid ragged tensor results in a null pointer dereference: python import tensorflow as tf inputtensor = tf.constant, shape=0, 0, 0, 0, 0, dtype=tf.float32 filtertensor = tf.constant, shape=0, 0, 0, 0, 0, dtype=tf.float3...

CVE-2021-29613

TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in tf.rawops.CTCLoss allows an attacker to trigger an OOB read from heap. The fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3,...

CVE-2021-29615

TensorFlow is an end-to-end open source platform for machine learning. The implementation of ParseAttrValuehttps://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/framework/attrvalueutil.ccL397-L453 can be tricked into stack overflow due to recursion...

CVE-2021-29606

TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of...

CVE-2021-29579

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGrad is vulnerable to a heap buffer overflow. The...