Google Tensorflow vulnerabilities
432 known vulnerabilities affecting google/tensorflow.
Total CVEs: 432
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 18, HIGH 234, MEDIUM 178, LOW 2
Vulnerabilities
CVE-2021-29576 | HIGH | CVSS 7.8 | CWE-119 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/596c05a159b6fbb9e39ca10b3f7753b7244fa1e9/tensorflow/core/kernels/pooling_ops_3d.cc#L694-L696) does not check that the initi
nvd
CVE-2021-29597 | HIGH | CVSS 7.8 | CWE-369 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `SpaceToBatchNd` TFLite operator is [vulnerable to a division by zero error](https://github.com/tensorflow/tensorflow/blob/412c7d9bb8f8a762c5b266c9e73bfa165f29aac8/tensorflow/lite/kernels/space_to_batch_nd.cc#L82-L83). An attacker can craft a model such th
nvd
CVE-2021-29579 | HIGH | CVSS 7.8 | CWE-119 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/ab1e644b48c82cb71493f4362b4dd38f4577a1cf/tensorflow/core/kernels/maxpooling_op.cc#L194-L203) fails to validate that indices used
nvd
CVE-2021-29610 | HIGH | CVSS 7.8 | CWE-665 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The validation in `tf.raw_ops.QuantizeAndDequantizeV2` allows invalid values for `axis` argument. The validation(https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L74-L77) uses `||` to mix t
nvd
CVE-2021-29568 | HIGH | CVSS 7.8 | CWE-824 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in `tf.raw_ops.ParameterizedTruncatedNormal`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/3f6fe4dfef6f57e768260b48166c27d148f3015f/tensorflow/core/kernels/parameterized_trunca
nvd
CVE-2021-29577 | HIGH | CVSS 7.8 | CWE-119 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.AvgPool3DGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/tensorflow/tensorflow/blob/d80ffba9702dc19d1fac74fc4b766b3fa1ee976b/tensorflow/core/kernels/pooling_ops_3d.cc#L376-L450) assumes that the `orig_input_shap
nvd
CVE-2021-29540 | HIGH | CVSS 7.8 | CWE-120 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow to occur in `Conv2DBackpropFilter`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L495-L497) computes the size of
nvd
CVE-2021-29566 | HIGH | CVSS 7.8 | CWE-787 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to `tf.raw_ops.Dilation2DBackpropInput`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/afd954e65f15aea4d438d0a219136fc4a63a573d/tensorflow/core/kernels/
nvd
CVE-2021-29606 | HIGH | CVSS 7.8 | CWE-125 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of `Split_V`(https://github.com/tensorflow/tensorflow/blob/c59c37e7b2d563967da813fa50fe20b21f4da683/tensorflow/lite/kernels/split_v.cc#L99). If `axis_value` is not a value between 0 and
nvd
CVE-2021-29529 | HIGH | CVSS 7.8 | CWE-131 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in `tf.raw_ops.QuantizedResizeBilinear` by manipulating input values so that float rounding results in off-by-one error in accessing image elements. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/44b7f
nvd
CVE-2021-29512 | HIGH | CVSS 7.8 | CWE-120 | ≥ 2.3.0, < 2.3.3 | ≥ 2.4.0, < 2.4.2 | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the `splits` tensor buffer
nvd
CVE-2021-29553 | HIGH | CVSS 7.1 | CWE-125 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in `tf.raw_ops.QuantizeAndDequantizeV3`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/11ff7f80667e6490d7b5174aa6bf5e01886e770f/tensorflow/core/kernels/quantize_and_dequantize_op
nvd
CVE-2021-29601 | HIGH | CVSS 7.1 | CWE-190 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of concatenation is vulnerable to an integer overflow issue(https://github.com/tensorflow/tensorflow/blob/7b7352a724b690b11bfaae2cd54bc3907daf6285/tensorflow/lite/kernels/concatenation.cc#L70-L76). An attacker can craft a model such that the dimensions of o
nvd
CVE-2021-29614 | HIGH | CVSS 7.8 | CWE-665 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.io.decode_raw` produces incorrect results and crashes the Python interpreter when combining `fixed_length` and wider datatypes. The implementation of the padded version(https://github.com/tensorflow/tensorflow/blob/1d8903e5b167ed0432077a3db6e462daf781d1fe/
nvd
CVE-2021-29599 | HIGH | CVSS 7.8 | CWE-369 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `Split` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/e2752089ef7ce9bcf3db0ec618ebd23ea119d0c7/tensorflow/lite/kernels/split.cc#L63-L65). An attacker can craft a model such that `num_splits` would b
nvd
CVE-2021-29558 | HIGH | CVSS 7.8 | CWE-787 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.SparseSplit`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/699bff5d961f0abfde8fa3f876e6d241681fbef8/tensorflow/core/util/sparse/sparse_tensor.h#L528-L530) accesses an array element based
nvd
CVE-2021-29513 | HIGH | CVSS 7.8 | CWE-476 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors results in null pointer dereferences. The conversion from Python array to C++ array(https://github.com/tensorflow/tensorflow/blob/ff70c47a396ef1e3cb73c90513da4f5cb71bebba/tensorflow/py
nvd
CVE-2021-29593 | HIGH | CVSS 7.8 | CWE-369 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `BatchToSpaceNd` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/b5ed552fe55895aee8bd8b191f744a069957d18d/tensorflow/lite/kernels/batch_to_space_nd.cc#L81-L82). An attacker can craft a model such that
nvd
CVE-2021-29559 | HIGH | CVSS 7.1 | CWE-125 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in `tf.raw_ops.UnicodeEncode`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/472c1f12ad9063405737679d4f6bd43094e1d36d/tensorflow/core/kernels/unicode_ops.cc) assumes that the `i
nvd
CVE-2021-29530 | HIGH | CVSS 7.8 | CWE-476 | fixed in 2.1.4 | ≥ 2.2.0, < 2.2.3 | +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference by providing an invalid `permutation` to `tf.raw_ops.SparseMatrixSparseCholesky`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/080f1d9e257589f78b3ffb75debf584168aa6062/tensorflow/core/kernels/spa
nvd