EUVD-2021-0423

Malware in sbrugna...

BIT-TENSORFLOW-2021-41217 Null pointer exception when `Exit` node is not preceded by `Enter` op

TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in th...

BIT-TENSORFLOW-2021-41220 Use after free in `CollectiveReduceV2`

TensorFlow is an open source platform for machine learning. In affected versions the async implementation of CollectiveReduceV2 suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been std::moved from are still...

BIT-TENSORFLOW-2021-41221 Access to invalid memory during shape inference in `Cudnn*` ops

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the Cudnn operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow. This occurs because the ranks of the input, inputh and inputc parameters are n...

BIT-TENSORFLOW-2021-41227 Arbitrary memory read in `ImmutableConst`

TensorFlow is an open source platform for machine learning. In affected versions the ImmutableConst operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the tstring TensorFlow string class has a special case for memory mapped strings but the operation...

aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +39 more potentially affected by unknown CVE via tensorflow (>=2.7.0 <=2.7.1)

tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =1.2.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-MW6J-HH29-H379...

aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +39 more potentially affected by CVE-2022-29206 via tensorflow (>=2.7.0 <=2.7.1)

tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =1.2.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-29206 Source advisory: OSV:GHSA-RC9W-5C64-9VQQ...

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-29201 via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-29201 Source advisory: OSV:GHSA-PQHM-4WVF-2JG8...

aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +38 more potentially affected by unknown CVE via tensorflow (>=2.7.0 <=2.7.0rc1)

tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-H6GW-R52C-724R...

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by unknown CVE via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-43Q8-3FV7-PR5X...

GHSA-XRQM-FPGR-6HHX Overflow/crash in `tf.range`

Impact While calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition will be cast to double and the result would be truncated before the...

GHSA-786J-5QWQ-R36X Segfault while copying constant resource tensor

Impact During TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. Patches We have patched the issue in GitHub commit 7731e8dfbe4a56773be5dc94d631611211156659. The fix will be...

Segfault while copying constant resource tensor

Impact During TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. Patches We have patched the issue in GitHub commit 7731e8dfbe4a56773be5dc94d631611211156659. The fix will be...

FPE in `ParallelConcat`

Impact The implementation of ParallelConcat misses some input validation and can produce a division by 0: python import tensorflow as tf @tf.function def test: y = tf.rawops.ParallelConcatvalues='tf',shape=0 return y test Patches We have patched the issue in GitHub commit...

GHSA-6HPV-V2RX-C5G6 FPE in convolutions with zero size filters

Impact The implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. Patches We have patched the issue in GitHub commit f2c3931113eaafe9ef558faaddd48e00a6606235. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on...

GHSA-CVGX-3V3Q-M36C Heap OOB in shape inference for `QuantizeV2`

Impact The shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array: python import tensorflow as tf @tf.function def test: data=tf.rawops.QuantizeV2 input=1.0,1.0, minrange=1.0,10.0, maxrange=1.0,10.0, T=tf.qint32, mode='MINCOMBINED', roundmode='HALFTOEVEN'...

GHSA-VWHQ-49R4-GJ9V Reference binding to `nullptr` in `tf.ragged.cross`

Impact The shape inference code for tf.ragged.cross has an undefined behavior due to binding a reference to nullptr. In the following scenario, this results in a crash: python import tensorflow as tf @tf.function def test: y = tf.ragged.crosstf.ragged.constant'1','2' return y test Patches We have...

Null pointer exception in `DeserializeSparse`

Impact The shape inference code for DeserializeSparse can trigger a null pointer dereference: python import tensorflow as tf dataset = tf.data.Dataset.range3 @tf.function def test: y = tf.rawops.DeserializeSparse serializedsparse=tf.data.experimental.tovariantdataset, dtype=tf.int32 test This is...

GHSA-9CRF-C6QR-R273 Integer division by 0 in `tf.raw_ops.AllToAll`

Impact The shape inference code for AllToAll can be made to execute a division by 0: python import tensorflow as tf @tf.function def func: return tf.rawops.AllToAll input=0.0, 0.1652, 0.6543, groupassignment=1, -1, concatdimension=0, splitdimension=0, splitcount=0 func This occurs whenever the...

Undefined behavior via `nullptr` reference binding in sparse matrix multiplication

Impact The code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr: python import tensorflow as tf tf.rawops.SparseMatMul a=1.0,1.0,1.0, b=,,, transposea=False, transposeb=False, aissparse=False, bissparse=True This occurs whenever the dimensio...