14326 matches found

CNNVD
added 2023/03/27 12:0 a.m. · 2 views

TensorFlow Input Validation Error Vulnerability

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. An input validation error vulnerability exists in versions of TensorFlow prior to 2.11.1, which stems from the fact that malicious invalid input can crash a tensorflow mod...

CVSS 6.5 · AI score 6.4 · EPSS 0.00432
Exploits: 1 · References: 3

Positive Technologies
added 2023/03/27 12:0 a.m. · 2 views

PT-2023-20222 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.11.1 Description: A malicious invalid input can crash a TensorFlow model and be used to trigger a denial of service attack. This issue can be exploited using the Convolution3DTranspose function, a common API in...

CVSS 6.5 · AI score 5.7 · EPSS 0.00432
Exploits: 1 · References: 8

Snyk
added 2023/03/26 8:31 a.m. · 2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. PoC import tensorflow as tf func = tf.rawops.ParallelConcat...

CVSS 7.5 · AI score 7 · EPSS 0.00391
Exploits: 0 · References: 2

Snyk
added 2023/03/26 8:29 a.m. · 1 view

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference due to a null pointer error in RandomShuffle with XLA enabled. PoC import tensorflow as tf func = tf.rawops.RandomShuffle para = 'value': 1e+20, 'seed': -4294967297, 'seed2': -2147483649...

CVSS 7.5 · AI score 6.9 · EPSS 0.00396
Exploits: 0 · References: 2

Snyk
added 2023/03/26 8:28 a.m. · 2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a floating point exception in TensorListSplit with XLA. PoC import tensorflow as tf func = tf.rawops.TensorListSplit para = 'tensor': 1, 'elementshape': -1, 'lengths': 0 @tf.functionjitcompile=True def...

CVSS 7.5 · AI score 7 · EPSS 0.00396
Exploits: 0 · References: 2

Snyk
added 2023/03/26 8:26 a.m. · 2 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference. The function tf.rawops.LookupTableImportV2 cannot handle scalars in the values parameter and gives a null pointer exception. PoC import tensorflow as tf v = tf.Variable1 @tf.functionjitcompile=True def test: fu...

CVSS 7.5 · AI score 6.9 · EPSS 0.00358
Exploits: 0 · References: 2

Snyk
added 2023/03/26 8:12 a.m. · 3 views

Incorrect Comparison

Overview Affected versions of this package are vulnerable to Incorrect Comparison. Constructing a tflite model with a parameter filterinputchannel of less than 1 gives a float pointer exception. Remediation Upgrade tensorflow-lite to version 2.12.0 or higher. References - GitHub Commit Credit: Wa...

CVSS 7.5 · AI score 6.9 · EPSS 0.00391
Exploits: 0 · References: 2

Snyk
added 2023/03/26 8:10 a.m. · 2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. When running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. PoC import tensorflow as tf func = tf.rawops.Bincount...

CVSS 7.5 · AI score 7 · EPSS 0.00391
Exploits: 0 · References: 2

Snyk
added 2023/03/26 8:8 a.m. · 1 view

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow in TAvgPoolGrad. PoC import os os.environ'TFENABLEONEDNNOPTS' = '0' import tensorflow as tf printtf.version with tf.device"CPU": ksize = 1, 40, 128, 1 strides = 1, 128, 128, 30 padding = "SAME" dataformat = "NHWC"...

CVSS 9.8 · AI score 7 · EPSS 0.00415
Exploits: 0 · References: 2

Snyk
added 2023/03/26 7:57 a.m. · 4 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow. Attackers can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick this commit on...

CVSS 9.8 · AI score 8.2 · EPSS 0.00831
Exploits: 1 · References: 2

Snyk
added 2023/03/26 7:52 a.m. · 2 views

Integer Overflow to Buffer Overflow

Overview Affected versions of this package are vulnerable to Integer Overflow to Buffer Overflow when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. PoC import urllib.request dat =...

CVSS 7.5 · AI score 7 · EPSS 0.00305
Exploits: 0 · References: 2

Snyk
added 2023/03/26 7:50 a.m. · 1 view

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. PoC import tensorflow as tf para= 'hypothesisindices': , 'hypothesisvalues': 'tmp/', 'hypothesisshape': , 'truthindices':...

CVSS 7.5 · AI score 7 · EPSS 0.00391
Exploits: 0 · References: 2

Snyk
added 2023/03/26 7:48 a.m. · 2 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds due to mismatched integer type sizes in ValueMap::Manager::GetValueOrCreatePlaceholder, because there is a bug with the tfg-translate call to InitMlir. Remediation Upgrade tensorflow-lite to version 2.12.0 or higher...

CVSS 7.5 · AI score 6.9 · EPSS 0.00516
Exploits: 0 · References: 2

Snyk
added 2023/03/26 7:46 a.m. · 1 view

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a floating point exception if the stride and window size are not positive for tf.rawops.AvgPoolGrad. PoC import tensorflow as tf import numpy as np @tf.functionjitcompile=True def test: y =...

CVSS 7.5 · AI score 7 · EPSS 0.00391
Exploits: 0 · References: 2

Snyk
added 2023/03/26 7:44 a.m. · 2 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference. When ctx-stepcontainter is a null ptr, the Lookup function will be executed with a null pointer. PoC import tensorflow as tf tf.rawops.TensorArrayConcatV2handle='a', 'b', flowin = 0.1, dtype=tf.int32,...

CVSS 7.5 · AI score 6.9 · EPSS 0.00391
Exploits: 0 · References: 2

Snyk
added 2023/03/26 7:43 a.m. · 1 view

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. When the parameter summarize of tf.rawops.Print is zero, the new method SummarizeArray will reference to a nullptr, leading to a seg fault. PoC import tensorflow as tf tf.rawops.Printinput = tf.constant1, 1, 1,...

CVSS 7.5 · AI score 7 · EPSS 0.00391
Exploits: 0 · References: 2

Snyk
added 2023/03/26 7:41 a.m. · 2 views

Double Free

Overview Affected versions of this package are vulnerable to Double Free. The nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 functions require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported. Po...

CVSS 8 · AI score 7 · EPSS 0.00148
Exploits: 0 · References: 2

Snyk
added 2023/03/26 7:38 a.m. · 3 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in QuantizedMatMulWithBiasAndDequantize with MKL enabled. PoC import tensorflow as tf func = tf.rawops.QuantizedMatMulWithBiasAndDequantize para='a': tf.constant138, dtype=tf.quint8, 'b': tf.constant4,...

CVSS 7.5 · AI score 7 · EPSS 0.00391
Exploits: 0 · References: 2

Snyk
added 2023/03/26 7:35 a.m. · 2 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a floating point exception in AudioSpectrogram. PoC import tensorflow as tf para = 'input': tf.constant14., 24., dtype=tf.float32, 'windowsize': 1, 'stride': 0, 'magnitudesquared': False func =...

CVSS 7.5 · AI score 7 · EPSS 0.00383
Exploits: 0 · References: 2

Snyk
added 2023/03/26 7:31 a.m. · 1 view

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read if the parameter indices for DynamicStitch does not match the shape of the parameter data. PoC import tensorflow as tf func = tf.rawops.DynamicStitch para='indices': 0xdeadbeef, 405, 519, 758, 1015, 'data':...

CVSS 7.5 · AI score 7 · EPSS 0.00391
Exploits: 0 · References: 2