Google Tensorflow vulnerabilities

432 known vulnerabilities affecting google/tensorflow.

Total CVEs: 432
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 18, HIGH 234, MEDIUM 178, LOW 2

Vulnerabilities

Page 18 of 22
CVE-2021-29539 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29539 [MEDIUM] CWE-681: TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.ImmutableConst` (https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a `dtype` of `tf.resource` or `tf.variant` results in a segfault in the implementation as code assumes that the tensor contents are pure scalars. We have patched the iss
nvd
CVE-2021-29522 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29522 [MEDIUM] CWE-369: TensorFlow is an end-to-end open source platform for machine learning. The `tf.raw_ops.Conv3DBackprop*` operations fail to validate that the input tensors are not empty. In turn, this would result in a division by 0. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/a91bb59769f19146d5a0c20060244378e878f140/tensorflow/c
nvd
CVE-2021-29544 · MEDIUM · CVSS 5.5 · ≥ 2.4.0, < 2.4.2 · 2021-05-14
CVE-2021-29544 [MEDIUM] CWE-754: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.QuantizeAndDequantizeV4Grad`. This is because the implementation does not validate the rank of the `input_*` tensors. In turn, this results in the tensors being passed as they are to `QuantizeAndDequant
nvd
CVE-2021-29541 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29541 [MEDIUM] CWE-476: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in `tf.raw_ops.StringNGrams`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1cdd4da14282210cc759e468d9781741ac7d01bf/tensorflow/core/kernels/string_ngrams_op.cc#L67-L74) does not fully vali
nvd
CVE-2021-29550 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29550 [MEDIUM] CWE-369: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.FractionalAvgPool`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op
nvd
CVE-2021-29549 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29549 [MEDIUM] CWE-369: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernel
nvd
CVE-2021-29605 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29605 [MEDIUM] CWE-190: TensorFlow is an end-to-end open source platform for machine learning. The TFLite code for allocating `TFLiteIntArray`s is vulnerable to an integer overflow issue (https://github.com/tensorflow/tensorflow/blob/4ceffae632721e52bf3501b736e4fe9d1221cdfa/tensorflow/lite/c/common.c#L24-L27). An attacker can craft a model such that the `size` multiplier is
nvd
CVE-2021-29604 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29604 [MEDIUM] CWE-369: TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of hashtable lookup is vulnerable to a division by zero error (https://github.com/tensorflow/tensorflow/blob/1a8e885b864c818198a5b2c0cbbeca5a1e833bc8/tensorflow/lite/kernels/hashtable_lookup.cc#L114-L115). An attacker can craft a model such that `values`'s
nvd
CVE-2021-29581 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29581 [MEDIUM] CWE-908: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.CTCBeamSearchDecoder`, an attacker can trigger denial of service via segmentation faults. The implementation (https://github.com/tensorflow/tensorflow/blob/a74768f8e4efbda4def9f16ee7e13cf3922ac5f7/tensorflow/core/kernels/ctc_decoder_ops.cc#L
nvd
CVE-2021-29555 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29555 [MEDIUM] CWE-369: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.FusedBatchNorm`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/828f346274841fa7505f7020e88ca36c22e557ab/tensorflow/core/kernels/fused_batch_norm_op.cc#L295-L297) pe
nvd
CVE-2021-29523 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29523 [MEDIUM] CWE-190: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.AddManySparseToTensorsMap`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/kernels/sparse_tensors_map_ops.cc#L2
nvd
CVE-2021-29572 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29572 [MEDIUM] CWE-476: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementation (https://github.com/tensorflow/tensorflow/blob/60a45c8b6192a4699f2e2709a2645a751d435cc3/tensorflow/core/kernels/sdca_internal.cc) does not validate
nvd
CVE-2021-29561 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29561 [MEDIUM] CWE-617: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from `tf.raw_ops.LoadAndRemapMatrix`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/d94227d43aa125ad8b54115c03cece54f6a1977b/tensorflow/core/kernels/ragged_tensor_t
nvd
CVE-2021-29567 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29567 [MEDIUM] CWE-617: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.SparseDenseCwiseMul`, an attacker can trigger denial of service via `CHECK`-fails or accesses to outside the bounds of heap allocated data. Since the implementation (https://github.com/tensorflow/tensorflow/blob/38178a2f7a681a7835bb0912702a1
nvd
CVE-2021-29551 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29551 [MEDIUM] CWE-125: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixTriangularSolve` (https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16e798/tensorflow/core/kernels/linalg/matrix_triangular_solve_op_impl.h#L160-L240) fails to terminate kernel execution if one validation condition fails.
nvd
CVE-2021-29562 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29562 [MEDIUM] CWE-617: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.IRFFT`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow
nvd
CVE-2021-29618 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29618 [MEDIUM] CWE-755: TensorFlow is an end-to-end open source platform for machine learning. Passing a complex argument to `tf.transpose` at the same time as passing `conjugate=True` argument results in a crash. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, a
nvd
CVE-2021-29584 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29584 [MEDIUM] CWE-190: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail caused by an integer overflow in constructing a new tensor shape. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/0908c2f2397c099338b901b067f6495a5b96760b/tensorflow/core/kernels/sp
nvd
CVE-2021-29617 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29617 [MEDIUM] CWE-755: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via `CHECK`-fail in `tf.strings.substr` with invalid arguments. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are a
nvd
CVE-2021-29531 · MEDIUM · CVSS 5.5 · fixed in 2.1.4 · ≥ 2.2.0, < 2.2.3 · +2 more · 2021-05-14
CVE-2021-29531 [MEDIUM] CWE-754: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a `CHECK` fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/e312e0791ce486a80c9d23110841525c6f7c3289/tensorflow/core/kernels/image/encode_png_op.cc#L5
nvd