Google Tensorflow vulnerabilities
432 known vulnerabilities affecting google/tensorflow.
Total CVEs: 432
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 18, HIGH 234, MEDIUM 178, LOW 2
Vulnerabilities
CVE-2021-37654 | HIGH | CVSS 7.1 | CWE-125 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a `CHECK`-fail in debug builds of TensorFlow using `tf.raw_ops.ResourceGather` or a read from outside the bounds of heap allocated data in the same API in a release build. The [implementation](https://github.com/tensorflow/te
nvd
CVE-2021-37676 | HIGH | CVSS 7.8 | CWE-824 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.SparseFillEmptyRows`. The shape inference [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/ops
nvd
CVE-2021-37666 | HIGH | CVSS 7.8 | CWE-824 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToVariant`. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_te
nvd
CVE-2021-37657 | HIGH | CVSS 7.8 | CWE-824 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type `tf.raw_ops.MatrixDiagV*`. The [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/ker
nvd
CVE-2021-37678 | HIGH | CVSS 8.8 | CWE-502 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TensorFlow and Keras can be tricked to perform arbitrary code execution when deserializing a Keras model from YAML format. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/python/keras/saving
nvd
CVE-2021-37641 | HIGH | CVSS 7.1 | CWE-125 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions if the arguments to `tf.raw_ops.RaggedGather` don't determine a valid ragged tensor code can trigger a read from outside of bounds of heap allocated buffers. The [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f4
nvd
CVE-2021-37663 | HIGH | CVSS 7.8 | CWE-20 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in `tf.raw_ops.QuantizeV2`, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The [implementation](https://github.com/tensorflow/tenso
nvd
CVE-2021-37662 | HIGH | CVSS 7.8 | CWE-824 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can generate undefined behavior via a reference binding to nullptr in `BoostedTreesCalculateBestGainsPerFeature` and similar attack can occur in `BoostedTreesCalculateBestFeatureSplitV2`. The [implementation](https://github.com/tensorflow/tensorflow
nvd
CVE-2021-37664 | HIGH | CVSS 7.1 | CWE-125 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `BoostedTreesSparseCalculateBestFeatureSplit`. The [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61
nvd
CVE-2021-37665 | HIGH | CVSS 7.8 | CWE-20 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The [implementation](https://github.com/ten
nvd
CVE-2021-37659 | HIGH | CVSS 7.8 | CWE-125 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all binary cwise operations that don't require broadcasting (e.g., gradients of binary cwise operations). The [implementation](https://github.com/tensorflow/tensorflow/blob/84d0
nvd
CVE-2021-37674 | MEDIUM | CVSS 5.5 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via a segmentation fault in `tf.raw_ops.MaxPoolGrad` caused by missing validation. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/maxpooli
nvd
CVE-2021-37673 | MEDIUM | CVSS 5.5 | CWE-20 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.MapStage`. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/map_stage_op.cc#L513) does not check th
nvd
CVE-2021-37647 | MEDIUM | CVSS 5.5 | CWE-476 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. When a user does not supply arguments that determine a valid sparse tensor, `tf.raw_ops.SparseTensorSliceDataset` implementation can be made to dereference a null pointer. The [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/
nvd
CVE-2021-37640 | MEDIUM | CVSS 5.5 | CWE-369 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.SparseReshape` can be made to trigger an integral division by 0 exception. The [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/reshape_util.cc#L1
nvd
CVE-2021-37644 | MEDIUM | CVSS 5.5 | CWE-617 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions providing a negative element to `num_elements` list argument of `tf.raw_ops.TensorListReserve` causes the runtime to abort the process due to reallocating a `std::vector` to have a negative number of elements. The [implementation](https://github.com/tensorflo
nvd
CVE-2021-37689 | MEDIUM | CVSS 5.5 | CWE-476 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. This is caused by the MLIR optimization of `L2NormalizeReduceAxis` operator. The [implementation](https://github.com/tenso
nvd
CVE-2021-37692 | MEDIUM | CVSS 5.5 | CWE-20 | ≥ 2.5.0, < 2.6.0 | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, `C.TF_TString_Dealloc` is called during garbage collection within a finalizer function. However, tensor structure isn't checked until encoding to avoid a perfo
nvd
CVE-2021-37691 | MEDIUM | CVSS 5.5 | CWE-369 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a division by zero error in LSH [implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/lsh_projection.cc#L118). We have patched th
nvd
CVE-2021-37687 | MEDIUM | CVSS 5.5 | CWE-125 | ≥ 2.3.0, < 2.3.4; ≥ 2.4.0, < 2.4.3; +2 more | 2021-08-12
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's [`GatherNd` implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L124) does not support negative indices but there are no checks for this situation. Hence, an atta
nvd