Lucene search

5349 matches found

Github Security Blog
added 2020/09/25 6:28 p.m. · 41 views

Denial of Service in Tensorflow

Impact The SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/core/kernels/sparsefillemptyrowsop.ccL235-L241 Although reverseindexmapt and gradvaluest ar...

5.3 CVSS · 2.3 AI score · 0.0022 EPSS
Exploits 1 · References 9 · Affected Software 3
vulnersOsv
added 2020/09/25 6:28 p.m. · 1 views

accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +82 more potentially affected by CVE-2020-15192 via tensorflow (=2.2.0)

tensorflow PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - accuinsight =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2020-15192 Source advisory...

4.3 CVSS · 5.8 AI score · 0.00226 EPSS
Exploits 1
Github Security Blog
added 2020/09/25 6:28 p.m. · 144 views

Memory leak in Tensorflow

Impact If a user passes a list of strings to dlpack.to_dlpack there is a memory leak following an expected validation failure: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/c/eager/dlpack.ccL100-L104 The allocated memory is from...

4.3 CVSS · 1.5 AI score · 0.00226 EPSS
Exploits 1 · References 9 · Affected Software 3
vulnersOsv
added 2020/09/25 6:28 p.m. · 2 views

adapt-diagnostics (=1.2.0), adversarial-friend (=1.1.8) +64 more potentially affected by CVE-2020-15190 via tensorflow (=2.3.0)

tensorflow PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - adapt-diagnostics =1.2.0 - adversarial-friend =1.1.8 - aliby-baby =0.1.0, =0.0.1a0, =0.0.1, =1.0.1.0, =0.1.0, =2.0.0, =0.1.0, =0.0.17, =0.1...

5.3 CVSS · 5.9 AI score · 0.00189 EPSS
Exploits 1
vulnersOsv
added 2020/09/25 6:28 p.m. · 2 views

ai4bharat-transliteration (>=1.1.0 <=1.1.3), aipack (>=0.0.1 <=0.0.5) +52 more potentially affected by CVE-2020-15190 via tensorflow (>=2.0.0 <=2.0.1)

tensorflow PYPI version =2.0.0, =1.1.0, =0.0.1, =0.1.3.2, =0.2.6, =0.2.0, =0.0.2, =1.0.0.1, =0.0.1, =1.0.4, =0.6.0.post3, =0.1.3, =1.0.0, =1.0.1 and more Source cves: CVE-2020-15190 Source advisory: OSV:GHSA-4G9F-63RX-5CW4...

5.3 CVSS · 5.9 AI score · 0.00189 EPSS
Exploits 1
Github Security Blog
added 2020/09/25 6:28 p.m. · 41 views

Segfault in Tensorflow

Impact The tf.raw_ops.Switch operation takes as input a tensor and a boolean and outputs two tensors. Depending on the boolean value, one of the tensors is exactly the input tensor whereas the other one should be an empty tensor. However, the eager runtime traverses all tensors in the output:...

5.3 CVSS · 1.2 AI score · 0.00189 EPSS
Exploits 1 · References 9 · Affected Software 3
Positive Technologies
added 2020/09/25 12:0 a.m. · 2 views

PT-2020-14271 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 2.3.1 Description: The RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor, specifically that the values in the splits tensor generate a valid partitioning ...

8.2 CVSS · 5.6 AI score · 0.00276 EPSS
Exploits 1 · References 14
Positive Technologies
added 2020/09/25 12:0 a.m. · 5 views

PT-2020-14267 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow version 2.3.0 Description: The SparseCountSparseOutput and RaggedCountSparseOutput implementations do not validate that the weights tensor has the same shape as the data. This can lead to a read from outside the bounds of the heap...

9.9 CVSS · 9.3 AI score · 0.00302 EPSS
Exploits 1 · References 14
Positive Technologies
added 2020/09/25 12:0 a.m. · 2 views

PT-2020-14274 · Google +1 · Tensorflow +1

Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 1.15.4 Tensorflow versions prior to 2.0.3 Tensorflow versions prior to 2.1.2 Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1 Description: A format string vulnerability exists due to the way t...

9.8 CVSS · 5.7 AI score · 0.01411 EPSS
Exploits 16 · References 68
IBM Security Bulletins
added 2020/07/20 8:12 p.m. · 49 views

Security Bulletin: WML CE: TensorFlow: In SQLite before 3.32.3, select.c mishandles query-flattener optimization

Summary In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. TensorFlow in WML CE uses SQLite as its embedded SQL database engine. Vulnerability Details CVEID:...

5.5 CVSS · 1.3 AI score · 0.00076 EPSS
Exploits 1 · Affected Software 1
IBM Security Bulletins
added 2020/07/20 8:9 p.m. · 52 views

Security Bulletin: WML CE: SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.

Summary Tensorflow uses SQLite as its embedded SQL database engine. SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c so it has been updated to 3.32.3 in WML CE. Vulnerability Details CVEID: CVE-2020-13435 DESCRIPTION: SQLite is vulnerable to a denial of service,...

5.5 CVSS · 1.5 AI score · 0.00027 EPSS
Exploits 2 · Affected Software 1
IBM Security Bulletins
added 2020/07/17 11:6 p.m. · 29 views

Security Bulletin: WML CE: Pillow before 7.1.0 has multiple out-of-bounds reads

Summary Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. PyTorch and TensorFlow use Pillow. Vulnerability Details CVEID: CVE-2020-10177 DESCRIPTION: Pillow could allow a remote attacker to obtain sensitive information, caused by multiple out-of-bounds reads in...

5.5 CVSS · 1.1 AI score · 0.00319 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2020/07/17 11:5 p.m. · 26 views

Security Bulletin: WML CE: In Pillow before 7.1.0, there is a Buffer Overflow

Summary In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. PyTorch and TensorFlow use Pillow. Vulnerability Details CVEID: CVE-2020-10378 DESCRIPTION: Pillow could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when readin...

7.8 CVSS · 1.4 AI score · 0.0036 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2020/07/17 11:2 p.m. · 40 views

Security Bulletin: WMLCE: libpcre in PCRE before 8.44 allows an integer overflow

Summary PCRE, which is used in TensorFlow, allows an integer overflow via a large number after a ?C substring. Vulnerability Details CVEID: CVE-2020-14155 DESCRIPTION: PCRE could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in libpcre. By sending ...

5.3 CVSS · 1.9 AI score · 0.0023 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2020/07/17 11:0 p.m. · 36 views

Security Bulletin: WML CE: SQLite through 3.32.2 has a use-after-free problem.

Summary SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. Vulnerability Details CVEID: CVE-2020-13871 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a use-after-free in resetAccumulator in...

7.5 CVSS · 1.5 AI score · 0.02437 EPSS
Exploits 1 · Affected Software 1
IBM Security Bulletins
added 2020/07/17 10:52 p.m. · 60 views

Security Bulletin: WML CE: WML CE: SQLite through 3.32.0 has various security issues.

Summary TensorFlow in WML CE uses SQLite as its embedded SQL database engine. SQLite through 3.32.0 has various security issues. Vulnerability Details CVEID: CVE-2020-13631 DESCRIPTION: SQLite could allow a remote attacker to bypass security restrictions, caused by a flaw in the alter.c and...

7 CVSS · 0.9 AI score · 0.00122 EPSS
Exploits 0 · Affected Software 1
IBM Security Bulletins
added 2020/06/19 5:12 a.m. · 22 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in TensorFlow

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of TensorFlow. Vulnerability Details CVEID: CVE-2020-5215 DESCRIPTION: Tensorflow is vulnerable to a denial of service, caused by a flaw when converting a string from Python to a tf.float16 value. By sending a...

7.5 CVSS · 1.3 AI score · 0.00232 EPSS
Exploits 1 · Affected Software 1
Microsoft Secure
added 2020/06/10 6:0 p.m. · 42 views

Misconfigured Kubeflow workloads are a security risk

Azure Security Center (ASC) monitors and defends thousands of Kubernetes clusters running on top of AKS. Azure Security Center regularly searches for and researches new attack vectors against Kubernetes workloads. We recently published a blog post about a large scale campaign against Kubernetes...

7 AI score
Exploits 0
Github Security Blog
added 2020/05/13 4:1 p.m. · 66 views

Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory.

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...

6.5 CVSS · 6.4 AI score · 0.00128 EPSS
Exploits 0 · References 7 · Affected Software 2
OSV
added 2020/05/13 4:1 p.m. · 23 views

GHSA-H98H-8MXR-M8GX Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory.

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...

7.1 CVSS · 6.4 AI score · 0.00128 EPSS
Exploits 0 · References 8