PT-2022-26134 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.11.0. TensorFlow versions 2.8.4, 2.9.3, and 2.10.1 are affected, but will be patched with a cherrypick commit. Description: The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) when SparseFillEmptyRowsGrad is given empty inputs. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...
Out-of-Bounds
Overview: Affected versions of this package are vulnerable to Out-of-Bounds in DynamicStitch due to missing validation when it receives a differing number of inputs, such as when it is called with an indices size 1 and a data size 2. Remediation: Upgrade tensorflow-lite to version 2.12.0 or higher...
Always-Incorrect Control Flow Implementation
Overview: Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation when a numpy array is created with a shape such that one element is zero and the sum of others is a large number. Remediation: Upgrade tensorflow-lite to version 2.12.0 or higher. References: ...
Buffer Overflow
Overview: Affected versions of this package are vulnerable to Buffer Overflow via tf.raw_ops.ImageProjectiveTransformV2 when a large output shape is given. Remediation: Upgrade tensorflow-lite to version 2.12.0 or higher. References: GitHub Commit, Vulnerable Code. Credit: Neophytos Christou from S...
Incorrect Calculation of Buffer Size
Overview: Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size via tf.keras.losses.poisson, which receives a y_pred and y_true that are passed through functor::mul in BinaryOp. If the resulting dimensions overflow an int32, TensorFlow will crash due to a size...
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read when the BaseCandidateSamplerOp function receives a value in true_classes larger than range_max. Remediation: Upgrade tensorflow-lite to version 2.12.0 or higher. References: GitHub Commit, Vulnerable Code. Credit: Yu...
Buffer Overflow
Overview: Affected versions of this package are vulnerable to Buffer Overflow via tf.raw_ops.FusedResizeAndPadConv2D when a large tensor shape is given. Remediation: Upgrade tensorflow-lite to version 2.12.0 or higher. References: GitHub Commit, Vulnerable Code. Credit: Neophytos Christou from SSL ...
Improper Input Validation
Overview: Affected versions of this package are vulnerable to Improper Input Validation due to a missing check in tf.image.generate_bounding_box_proposals, whose scores input must be of rank 4 when running on GPU. Remediation: Upgrade tensorflow-lite to version 2.12.0 or higher. Referenc...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) because conversions from char to bool are undefined if the char is not 0 or 1. This can happen when printing a tensor: the data is obtained as a const char array and then typecast to the element type. Detail...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) when ThreadUnsafeUnigramCandidateSampler is given input filterbank_channel_count greater than the allowed max size. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessib...
Reachable Assertion
Overview: Affected versions of this package are vulnerable to Reachable Assertion when tf.raw_ops.TensorListResize is given a nonscalar value for input size. This results in a CHECK failure, which can be used to trigger a denial of service attack. Remediation: Upgrade tensorflow-lite to version 2.12....
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read. This occurs if MirrorPadGrad is given outsize input paddings. Remediation: Upgrade tensorflow-lite to version 2.12.0 or higher. References: GitHub Commit, Vulnerable Code. Credit: Vul AI...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) when FractionMaxPoolGrad is given outsize inputs row_pooling_sequence and col_pooling_sequence. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and...
Incorrect Calculation of Buffer Size
Overview: Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size when tf.raw_ops.ResizeNearestNeighborGrad is given a large size input. Remediation: Upgrade tensorflow-lite to version 2.12.0 or higher. References: GitHub Commit, Vulnerable Code. Credit: Neophytos...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) when tf.raw_ops.TensorListConcat is given element_shape=. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) when BCast::ToShape is given input larger than an int32, even though it is supposed to handle up to an int64. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible...
Buffer Overflow
Overview: Affected versions of this package are vulnerable to Buffer Overflow. The reference kernel of the CONV_3D_TRANSPOSE TensorFlow Lite operator wrongly increments the data_ptr when adding the bias to the result. Instead of data_ptr += num_channels; it should be data_ptr += output_num_channels; as if...
NULL Pointer Dereference
Overview: Affected versions of this package are vulnerable to NULL Pointer Dereference because the pywrap code fails to parse the tensor and returns a nullptr if a list of quantized tensors is assigned to an attribute. Remediation: Upgrade tensorflow-lite to version 2.12.0 or higher. References: ...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) when an input encoded is not a valid CompositeTensorVariant tensor. This will trigger a segfault in tf.raw_ops.CompositeTensorVariantToComponents. Details: Denial of Service (DoS) describes a family of attacks, all aim...