Google Tensorflow vulnerabilities
432 known vulnerabilities affecting google/tensorflow.
Total CVEs: 432
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 18, HIGH 234, MEDIUM 178, LOW 2
Vulnerabilities, page 10 of 22

CVE-2022-21738 | MEDIUM | CVSS 6.5 | CWE-190 | affected: ≤ 2.5.2; ≥ 2.6.0, ≤ 2.6.2; +1 more | published 2022-02-03
Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and Tensor
Source: nvd

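The entry header lists the affected ranges in a compact form, and the advisory text names the releases that carry the fix (2.8.0, plus cherrypicks to 2.7.1, 2.6.3 and 2.5.3). The block below is an added example, not code from this page or from the TensorFlow project, that turns both into a check you can run against an installed version. It parses range strings in exactly the forms the headers on this page use ("≤ 2.5.2", "≥ 2.6.0, ≤ 2.6.2", "fixed in 2.4.4", "v2.6.0"). The "+1 more" elisions are not expanded, reading "fixed in X" as "every release before X" is an assumption, and treating minor lines older than every listed fix as out of support (and so unpatched) is an assumption drawn from the advisory wording.

```python
"""Check an installed TensorFlow version against the affected ranges and fix
releases listed on this page.  Added example, not TensorFlow project code."""
import operator
import re

_OPS = {
    "<": operator.lt, "<=": operator.le, "≤": operator.le,
    ">": operator.gt, ">=": operator.ge, "≥": operator.ge,
    "==": operator.eq,
}


def parse_version(text):
    """'v2.6.0' or '2.6.0rc1' -> (2, 6, 0); pre-release suffixes are ignored."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)(?:\.(\d+))?.*", text.strip())
    if not m:
        raise ValueError(f"not a version: {text!r}")
    return tuple(int(x or 0) for x in m.groups())


def parse_range(spec):
    """One affected-range string -> list of (compare_fn, version) constraints.
    Every constraint in the string must hold for a version to be affected.
    'fixed in X' is read as '< X' (assumption); a bare 'vX.Y.Z' is an exact match."""
    spec = spec.strip()
    if spec.startswith("fixed in"):
        return [(operator.lt, parse_version(spec[len("fixed in"):]))]
    constraints = []
    for part in spec.split(","):
        part = part.strip()
        m = re.fullmatch(r"(<=|>=|<|>|≤|≥|==)?\s*(v?\d[\w.]*)", part)
        if not m:
            raise ValueError(f"unparsable constraint: {part!r}")
        constraints.append((_OPS[m.group(1) or "=="], parse_version(m.group(2))))
    return constraints


def is_affected(version, ranges):
    """True if `version` satisfies every constraint of at least one range."""
    v = parse_version(version)
    return any(all(op(v, bound) for op, bound in parse_range(r)) for r in ranges)


def is_patched(version, fix_versions):
    """True if `version` is at or past the fix on its own minor line, or sits on
    a minor line newer than every listed fix (it inherits the mainline fix).
    Minor lines older than every listed fix are treated as out of support, so
    not patched (assumption).  Lines with no listed fix are reported unpatched."""
    v = parse_version(version)
    fixes = sorted(parse_version(f) for f in fix_versions)
    same_line = [f for f in fixes if f[:2] == v[:2]]
    if same_line:
        return v >= same_line[0]
    return v[:2] > fixes[-1][:2]


if __name__ == "__main__":
    fixes_2022 = ["2.8.0", "2.7.1", "2.6.3", "2.5.3"]   # from the advisory text above
    for ver in ("2.5.2", "2.6.2", "2.6.3", "2.9.0", "2.4.4"):
        print(ver, "affected:", is_affected(ver, ["≤ 2.5.2", "≥ 2.6.0, ≤ 2.6.2"]),
              "patched:", is_patched(ver, fixes_2022))
```

Because the ranges on this page are truncated ("+1 more"), a False from is_affected only says the version is outside the ranges shown here; is_patched works from the fix releases the advisory itself names and is the more reliable of the two.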
CVE-2022-23569 | MEDIUM | CVSS 6.5 | CWE-617 | affected: ≤ 2.5.2; ≥ 2.6.0, ≤ 2.6.2; +1 more | published 2022-02-03
Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via `CHECK`-fails (i.e., assertion failures). This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. It is possible that other similar instances exist i
Source: nvd

CVE-2022-23568 | MEDIUM | CVSS 6.5 | CWE-190 | affected: ≤ 2.5.2; ≥ 2.6.0, ≤ 2.6.2; +1 more | published 2022-02-03
Tensorflow is an Open Source Machine Learning Framework. The implementation of `AddManySparseToTensorsMap` is vulnerable to an integer overflow which results in a `CHECK`-fail when building new `TensorShape` objects (so, an assert failure based denial of service). We are missing some validation on the shapes of the input tensors as well as directly
Source: nvd

CVE-2022-21739 | MEDIUM | CVSS 6.5 | CWE-476 | affected: ≤ 2.5.2; ≥ 2.6.0, ≤ 2.6.2; +1 more | published 2022-02-03
Tensorflow is an Open Source Machine Learning Framework. The implementation of `QuantizedMaxPool` has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as the
Source: nvd

CVE-2022-21737 | MEDIUM | CVSS 6.5 | CWE-754 | affected: ≤ 2.5.2; ≥ 2.6.0, ≤ 2.6.2; +1 more | published 2022-02-03
Tensorflow is an Open Source Machine Learning Framework. The implementation of `*Bincount` operations allows malicious users to cause denial of service by passing in arguments which would trigger a `CHECK`-fail. There are several conditions that the input arguments must satisfy. Some are not caught during shape inference and others are not caught du
Source: nvd

CVE-2022-21733 | MEDIUM | CVSS 6.5 | CWE-190 | affected: ≤ 2.5.2; ≥ 2.6.0, ≤ 2.6.2; +1 more | published 2022-02-03
Tensorflow is an Open Source Machine Learning Framework. The implementation of `StringNGrams` can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. We are missing a validation on `pad_width`, and that results in computing a negative value for `ngram_width` which is later used to allocate par
Source: nvd

CVE-2022-21735 | MEDIUM | CVSS 6.5 | CWE-369 | affected: ≤ 2.5.2; ≥ 2.6.0, ≤ 2.6.2; +1 more | published 2022-02-03
Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalMaxPool` can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in suppor
Source: nvd

CVE-2022-21732 | MEDIUM | CVSS 6.5 | CWE-770 | affected: ≤ 2.5.2; ≥ 2.6.0, ≤ 2.6.2; +1 more | published 2022-02-03
Tensorflow is an Open Source Machine Learning Framework. The implementation of `ThreadPoolHandle` can be used to trigger a denial of service attack by allocating too much memory. This is because the `num_threads` argument is only checked to not be negative, but there is no upper bound on its value. The fix will be included in TensorFlow 2.8.0. We wi
Source: nvd

CVE-2022-21731 | MEDIUM | CVSS 6.5 | CWE-843 | affected: ≤ 2.5.2; ≥ 2.6.0, ≤ 2.6.2; +1 more | published 2022-02-03
Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ConcatV2` can be used to trigger a denial of service attack via a segfault caused by a type confusion. The `axis` argument is translated into `concat_dim` in the `ConcatShapeHelper` helper function. Then, a value for `min_rank` is computed based on `c
Source: nvd

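Several of the entries above share one shape: a size derived from user-controlled dimensions reaches an allocator or a `CHECK` without being validated, either through an overflowed product (CVE-2022-21738, CVE-2022-23568, CVE-2022-21733) or through a count with no upper bound (CVE-2022-21732). The block below is an added example in Python, not TensorFlow code: its naive function emulates the int64 wraparound of an unchecked C++ product so the hidden outcome becomes visible, and its checked functions reject negative dimensions, overflow and oversized requests before any memory is reserved. INT64_MAX mirrors the C++ limit; MAX_ALLOC_BYTES is an illustrative cap, not a TensorFlow setting.

```python
"""Overflow-safe element counts and allocation sizes for tensor shapes.
Added example, not TensorFlow project code."""

INT64_MAX = (1 << 63) - 1
MAX_ALLOC_BYTES = 1 << 40          # illustrative per-request cap (assumption)


def wrap_int64(x):
    """Two's-complement wraparound of an unbounded Python int into int64."""
    x &= (1 << 64) - 1
    return x - (1 << 64) if x >= (1 << 63) else x


def naive_num_elements(shape):
    """What an unchecked C++ product does: it wraps silently, so a huge shape
    can yield a small, zero or negative count that an allocator then accepts."""
    n = 1
    for d in shape:
        n = wrap_int64(n * d)
    return n


def checked_num_elements(shape):
    """Reject negative dimensions and any partial product beyond INT64_MAX.
    The division form of the test cannot itself overflow."""
    n = 1
    for d in shape:
        if d < 0:
            raise ValueError(f"negative dimension {d} in shape {shape}")
        if d and n > INT64_MAX // d:            # n * d would exceed INT64_MAX
            raise OverflowError(f"element count overflows int64: {shape}")
        n *= d
    return n


def checked_alloc_bytes(shape, elem_size, max_bytes=MAX_ALLOC_BYTES):
    """Byte size of an allocation, bounded by int64 and by an explicit cap, so
    an overflowed width or an unbounded count fails before memory is reserved."""
    n = checked_num_elements(shape)
    if elem_size <= 0 or n > INT64_MAX // elem_size:
        raise OverflowError("byte size overflows int64")
    total = n * elem_size
    if total > max_bytes:
        raise MemoryError(f"{total} bytes exceeds cap of {max_bytes}")
    return total


def outcome(fn, *args):
    """Run a check: ('ok', value) when it passes, (exception name, None) otherwise."""
    try:
        return ("ok", fn(*args))
    except (ValueError, OverflowError, MemoryError) as exc:
        return (type(exc).__name__, None)


if __name__ == "__main__":
    # Constructed shape: the true count is 2**64 + 2**32, the wrapped one is 2**32.
    huge = [2**32, 2**32 + 1]
    print("naive  :", naive_num_elements(huge))
    print("checked:", outcome(checked_num_elements, huge))
    print("threads:", outcome(checked_alloc_bytes, [2**40], 64))   # unbounded count
```

The same cap applied to a count-style argument (a thread count times a per-thread reservation, as in the last line) turns a missing upper bound into a rejected request instead of an out-of-memory crash.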
CVE-2021-41228 | HIGH | CVSS 7.8 | CWE-78 | affected: ≥ 2.4.0, < 2.4.4; ≥ 2.5.0, < 2.5.2; +2 more | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's `saved_model_cli` tool is vulnerable to a code injection as it calls `eval` on user supplied strings. This can be used by attackers to run arbitrary code on the platform where the CLI tool runs. However, given that the tool is always run manually, the impact of
Source: nvd

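The pattern named in this entry, a command-line string passed to `eval`, is shown below beside a parser that accepts only Python literals. This is an added example, not code from `saved_model_cli` or from the TensorFlow project; the "name=expression" syntax, the function names and the choice of `ast.literal_eval` as the hardened alternative are assumptions for the illustration, not a description of the actual fix.

```python
"""eval on a user-supplied string versus a literal-only parser.
Added example, not TensorFlow's saved_model_cli code."""
import ast


def _split(expr):
    """'name=expression' -> (name, expression); the syntax is an assumption."""
    name, sep, body = expr.partition("=")
    if not sep or not name.strip().isidentifier():
        raise ValueError(f"expected 'name=expression', got {expr!r}")
    return name.strip(), body.strip()


def parse_input_expr_unsafe(expr):
    """Vulnerable shape: whatever follows '=' is executed as Python, so a
    crafted argument runs arbitrary code in the process that owns the CLI."""
    name, body = _split(expr)
    return {name: eval(body)}   # deliberately unsafe: the pattern under discussion


def parse_input_expr_safe(expr):
    """Hardened shape: ast.literal_eval builds numbers, strings, tuples, lists,
    dicts and sets from the text and raises on calls, names, attribute access
    and anything else that could execute code."""
    name, body = _split(expr)
    try:
        value = ast.literal_eval(body)
    except (ValueError, SyntaxError, TypeError) as exc:
        raise ValueError(f"{name}: not a literal: {body!r}") from exc
    return {name: value}


def safe_parser_rejects(expr):
    """True when the literal-only parser refuses `expr`."""
    try:
        parse_input_expr_safe(expr)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed inputs: a harmless call stands in for an attacker's payload.
    payload = "x=len('abc')"
    print("unsafe executes the call:", parse_input_expr_unsafe(payload))
    print("safe rejects it         :", safe_parser_rejects(payload))
    print("safe accepts literals   :", parse_input_expr_safe("x=[1, 2, 3]"))
```

The harmless `len('abc')` in the demonstration shows the point: the unsafe parser executes a function call supplied from the command line, and any call works in its place, while the literal-only parser rejects every call regardless of what it names.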
CVE-2021-41205 | HIGH | CVSS 7.1 | CWE-125 | affected: fixed in 2.4.4; ≥ 2.5.0, < 2.5.2; +1 more | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow
Source: nvd

CVE-2021-41212 | HIGH | CVSS 7.1 | CWE-125 | affected: fixed in 2.4.4; ≥ 2.5.0, < 2.5.2; +1 more | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also af
Source: nvd

CVE-2021-41224 | HIGH | CVSS 7.1 | CWE-125 | affected: fixed in 2.4.4; ≥ 2.5.0, < 2.5.2; +1 more | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SparseFillEmptyRows` can be made to trigger a heap OOB access. This occurs whenever the size of `indices` does not match the size of `values`. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, Tens
Source: nvd

CVE-2021-41223 | HIGH | CVSS 7.1 | CWE-125 | affected: fixed in 2.4.4; ≥ 2.5.0, < 2.5.2; +1 more | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the implementation of `FusedBatchNorm` kernels is vulnerable to a heap OOB access. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in support
Source: nvd

CVE-2021-41219 | HIGH | CVSS 7.8 | CWE-824 | affected: fixed in 2.4.4; ≥ 2.5.0, < 2.5.2; +1 more | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to `nullptr`. This occurs whenever the dimensions of `a` or `b` are 0 or less. In the case where one of these is 0, an empty output tensor should be allocated (to conserve t
Source: nvd

CVE-2021-41208 | HIGH | CVSS 7.8 | CWE-476 | affected: ≥ 2.4.0, < 2.4.4; ≥ 2.5.0, < 2.5.2; +2 more | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service (via dereferencing `nullptr`s or via `CHECK`-failures) as well as abuse undefined behavior (binding references to `nullptr`s). An attacker can also r
Source: nvd

CVE-2021-41206 | HIGH | CVSS 7.8 | CWE-354 | affected: ≥ 2.4.0, < 2.4.4; ≥ 2.5.0, < 2.5.2; +2 more | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or `CHECK`-fail related crashes but in some scenarios writes and reads from heap popul
Source: nvd

CVE-2021-41201 | HIGH | CVSS 7.8 | CWE-824 | affected: fixed in 2.4.4; ≥ 2.5.0, < 2.5.2; +1 more | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions during execution, `EinsumHelper::ParseEquation()` is supposed to set the flags in `input_has_ellipsis` vector and `*output_has_ellipsis` boolean to indicate whether there is ellipsis in the corresponding inputs and output. However, the code only changes these flags to `tru
Source: nvd

CVE-2021-41216 | HIGH | CVSS 7.8 | CWE-120 | affected: ≥ 2.4.0, < 2.4.4; ≥ 2.5.0, < 2.5.2; +2 more | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` contains negative elements. The shape inference function does not validate that the indices in `perm` are all valid. The fix will be included in TensorFlow 2.
Source: nvd

CVE-2021-41211 | HIGH | CVSS 7.1 | CWE-125 | affected: v2.6.0 | published 2021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `QuantizeV2` can trigger a read outside of bounds of heap allocated array. This occurs whenever `axis` is a negative value less than `-1`. In this case, we are accessing data before the start of a heap buffer. The code allows `axis` to be an o
Source: nvd

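The two shape-inference entries above, CVE-2021-41216 (negative entries in `perm`) and CVE-2021-41211 (`axis` below `-1`), fail in the same way: an index-like argument is used to address a shape before anyone checks that it lies inside the shape. The block below is an added example in Python, not TensorFlow's shape-inference code. Its unchecked function indexes a Python list, where a negative index wraps around silently rather than reading before the start of a heap buffer as the C++ code does, so the wrong answer is visible instead of a crash; the checked functions reject the input. Treating `-1` as the "no axis" sentinel is an assumption about the sentinel value, taken from the description's wording.

```python
"""Validating index-like arguments (perm, axis) before they index a shape.
Added example, not TensorFlow project code."""


def transposed_shape_unchecked(shape, perm):
    """Unvalidated: a negative perm entry wraps in Python (out-of-bounds read
    in C++), and repeated or missing entries go unnoticed."""
    return [shape[p] for p in perm]


def validate_perm(perm, rank):
    """Require perm to be a permutation of range(rank): correct length, every
    entry an int in [0, rank), no repeats."""
    if len(perm) != rank:
        raise ValueError(f"perm has {len(perm)} entries for rank {rank}")
    seen = set()
    for p in perm:
        if not isinstance(p, int) or not 0 <= p < rank:
            raise ValueError(f"perm entry {p!r} outside [0, {rank})")
        if p in seen:
            raise ValueError(f"perm entry {p} repeated")
        seen.add(p)
    return list(perm)


def transposed_shape(shape, perm):
    """Checked counterpart of transposed_shape_unchecked."""
    return [shape[p] for p in validate_perm(perm, len(shape))]


def resolve_axis(axis, rank, none_sentinel=-1):
    """Return the concrete axis, or None for the 'no axis' sentinel (assumed to
    be -1).  Any other value outside [0, rank) is rejected instead of being
    turned into an offset before the start of the buffer."""
    if axis == none_sentinel:
        return None
    if not isinstance(axis, int) or not 0 <= axis < rank:
        raise ValueError(f"axis {axis!r} outside [0, {rank}) and not the sentinel")
    return axis


def verdict(fn, *args):
    """('ok', value) when the check passes, ('rejected', message) otherwise."""
    try:
        return ("ok", fn(*args))
    except ValueError as exc:
        return ("rejected", str(exc))


if __name__ == "__main__":
    # Constructed inputs: a rank-3 shape and a perm with a negative entry.
    shape, bad_perm = [2, 3, 4], [-1, 0, 1]
    print("unchecked:", transposed_shape_unchecked(shape, bad_perm))  # wraps silently
    print("checked  :", verdict(transposed_shape, shape, bad_perm))
    print("axis -2  :", verdict(resolve_axis, -2, len(shape)))
```

The unchecked call returns a plausible-looking shape for an invalid `perm`, which is the quiet failure mode the C++ shape-inference code turned into a heap read; the checked call names the offending entry.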