Google TensorFlow vulnerabilities

432 known vulnerabilities affecting google/tensorflow.

Total CVEs: 432
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 18, HIGH 234, MEDIUM 178, LOW 2

Vulnerabilities

Page 16 of 22
CVE-2021-29583 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29583 [HIGH] CWE-476: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FusedBatchNorm` is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The implementation(https://github.com/tensorflow/tensorflow/blob/57d86e0db5d13
nvd
CVE-2021-29570 | HIGH | CVSS 7.1 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29570 [HIGH] CWE-125: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation(https://github.com/tensorflow/tensorflow/blob/ef0c008ee84bad91ec6725ddc42091e19a30cf0e/tensorflow/core
nvd
CVE-2021-29536 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29536 [HIGH] CWE-131: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedReshape` by passing in invalid thresholds for the quantization. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/a324ac84e573fba362a5e53d4e74d5de6729933e/tensorflow/core/kernels/quantized_resha
nvd
CVE-2021-29613 | HIGH | CVSS 7.1 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29613 [HIGH] CWE-665: TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read from heap. The fix will be included in TensorFlow 2.5.0. We will also cherrypick these commits on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also aff
nvd
CVE-2021-29569 | HIGH | CVSS 7.1 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29569 [HIGH] CWE-125: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation(https://github.com/tensorflow/tensorflow/blob/ac328eaa3870491ababc147822cd04e91a790643/tensorflow/core
nvd
CVE-2021-29594 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29594 [HIGH] CWE-369: TensorFlow is an end-to-end open source platform for machine learning. TFLite's convolution code(https://github.com/tensorflow/tensorflow/blob/09c73bca7d648e961dd05898292d91a8322a9d45/tensorflow/lite/kernels/conv.cc) has multiple divisions where the divisor is controlled by the user and not checked to be non-zero. The fix will be included in TensorFlow
nvd
CVE-2021-29588 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29588 [HIGH] CWE-369: TensorFlow is an end-to-end open source platform for machine learning. The optimized implementation of the `TransposeConv` TFLite operator is [vulnerable to a division by zero error](https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/internal/optimized/optimized_ops.h#L5221-L5222). An attacker
nvd
CVE-2021-29546 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29546 [HIGH] CWE-369: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger an integer division by zero undefined behavior in `tf.raw_ops.QuantizedBiasAdd`. This is because the implementation of the Eigen kernel(https://github.com/tensorflow/tensorflow/blob/61bca8bd5ba8a68b2d97435ddfafcdf2b85672cd/tensorflow/core/kernels/quantizatio
nvd
CVE-2021-29574 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29574 [HIGH] CWE-476: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` exhibits undefined behavior by dereferencing null pointers backing attacker-supplied empty tensors. The implementation(https://github.com/tensorflow/tensorflow/blob/72fe792967e7fd25234342068806707bbc116618/tensorflow/core/kernels
nvd
CVE-2021-29532 | HIGH | CVSS 7.1 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29532 [HIGH] CWE-125: TensorFlow is an end-to-end open source platform for machine learning. An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.RaggedCross`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/efea03b38fb8d3b81762237dc85e579cc5fc6e87/tensorflow/core/kern
nvd
CVE-2021-29535 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29535 [HIGH] CWE-131: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedMul` by passing in invalid thresholds for the quantization. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/87cf4d3ea9949051e50ca3f071fc909538a51cd0/tensorflow/core/kernels/quantized_mul_op.cc
nvd
CVE-2021-29595 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29595 [HIGH] CWE-369: TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `DepthToSpace` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/depth_to_space.cc#L63-L69). An attacker can craft a model such that `par
nvd
CVE-2021-29591 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29591 [HIGH] CWE-835: TensorFlow is an end-to-end open source platform for machine learning. TFLite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in an infinite loop during evaluation. In certain cases, the infinite loop would be replaced by a stack overflow due to too many recursive calls.
nvd
CVE-2021-29578 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29578 [HIGH] CWE-119: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalAvgPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/dcba796a28364d6d7f003f6fe733d82726dda713/tensorflow/core/kernels/fractional_avg_pool_op.cc#L216) fails to validate that
nvd
CVE-2021-29608 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29608 [HIGH] CWE-131: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.RaggedTensorToTensor`, an attacker can exploit an undefined behavior if input arguments are empty. The implementation(https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/ragged_tensor
nvd
CVE-2021-29515 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29515 [HIGH] CWE-476: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixDiag*` operations(https://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c3ff33/tensorflow/core/kernels/linalg/matrix_diag_op.cc#L195-L197) does not validate that the tensor arguments are non-empty. The fix will be included in T
nvd
CVE-2021-29560 | HIGH | CVSS 7.1 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29560 [HIGH] CWE-125: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/d94227d43aa125ad8b54115c03cece54f6a1977b/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L219-L222) uses the same
nvd
CVE-2021-29514 | HIGH | CVSS 7.8 | ≥ 2.3.0, < 2.3.3 | ≥ 2.4.0, < 2.4.2 | 2021-05-14
CVE-2021-29514 [HIGH] CWE-787: TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the `splits` tensor buffer
nvd
CVE-2021-29590 | HIGH | CVSS 7.1 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29590 [HIGH] CWE-125: TensorFlow is an end-to-end open source platform for machine learning. The implementations of the `Minimum` and `Maximum` TFLite operators can be used to read data outside of bounds of heap allocated objects, if any of the two input tensor arguments are empty. This is because the broadcasting implementation(https://github.com/tensorflow/tensorflow/blo
nvd
CVE-2021-29598 | HIGH | CVSS 7.8 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
CVE-2021-29598 [HIGH] CWE-369: TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `SVDF` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/7f283ff806b2031f407db64c4d3edcda8fb9f9f5/tensorflow/lite/kernels/svdf.cc#L99-L102). An attacker can craft a model such that `params->rank` would
nvd