Google TensorFlow vulnerabilities

432 known vulnerabilities affecting google/tensorflow.

Total CVEs: 432
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 18, HIGH 234, MEDIUM 178, LOW 2

Vulnerabilities

CVE-2021-29545 | MEDIUM | CVSS 5.5 | CWE-131 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in converting sparse tensors to CSR Sparse matrices. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/800346f2c03a27e182dd4fba48295f65e7790739/tensorflow/core/kernels/sparse/kernels.cc#
nvd
CVE-2021-29554 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.DenseCountSparseOutput`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/efff014f3b2d8ef6141da30c806faf141297eca1/tensorflow/core/kernels/count_ops.cc#L123-L127) comp
nvd
CVE-2021-29517 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. A malicious user could trigger a division by 0 in `Conv3D` implementation. The implementation (https://github.com/tensorflow/tensorflow/blob/42033603003965bffac51ae171b51801565e002d/tensorflow/core/kernels/conv_ops_3d.cc#L143-L145) does a modulo operation based on user controlled
nvd
CVE-2021-29580 | MEDIUM | CVSS 5.5 | CWE-908 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalMaxPoolGrad` triggers an undefined behavior if one of the input tensors is empty. The code is also vulnerable to a denial of service attack as a `CHECK` condition becomes false and aborts the process. The implementation (https://github.c
nvd
CVE-2021-29573 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` is vulnerable to a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/279bab6efa22752a2827621b7edb56a730233bd8/tensorflow/core/kernels/maxpooling_op.cc#L1033-L1034) fails to validate that the ba
nvd
CVE-2021-29548 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernel
nvd
CVE-2021-29526 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2D`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/988087bd83f144af14087fe4fecee2d250d93737/tensorflow/core/kernels/conv_ops.cc#L261-L263) does a division by a quantity that is controlle
nvd
CVE-2021-29619 | MEDIUM | CVSS 5.5 | CWE-755 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. Passing invalid arguments (e.g., discovered via fuzzing) to `tf.raw_ops.SparseCountSparseOutput` results in segfault. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as
nvd
CVE-2021-29516 | MEDIUM | CVSS 5.5 | CWE-476 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.RaggedTensorToVariant` with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of `RaggedTensorToVariant` operations (https://github.com/tensorflow/tensorflow/blob/904b3926ed1c6c70380d5313d282d248a776baa1/ten
nvd
CVE-2021-29556 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.Reverse`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/36229ea9e9451dac14a8b1f4711c435a1d84a594/tensorflow/core/kernels/reverse_op.cc#L75-L76) performs a division
nvd
CVE-2021-29602 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `DepthwiseConv` TFLite operator is vulnerable to a division by zero error (https://github.com/tensorflow/tensorflow/blob/1a8e885b864c818198a5b2c0cbbeca5a1e833bc8/tensorflow/lite/kernels/depthwise_conv.cc#L287-L288). An attacker can craft a model such that
nvd
CVE-2021-29524 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropFilter`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/496c2630e51c1a478f095b084329acedb253db6b/tensorflow/core/kernels/conv_grad_shape_utils.cc#L130) does a modulus operation
nvd
CVE-2021-29527 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedConv2D`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/00e9a4d67d76703fa1aee33dac582acf317e0e81/tensorflow/core/kernels/quantized_conv_ops.cc#L257-L259) does a division by a quantit
nvd
CVE-2021-29538 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a division by zero to occur in `Conv2DBackpropFilter`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L513-L522) computes a divisor bas
nvd
CVE-2021-29533 | MEDIUM | CVSS 5.5 | CWE-754 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK` failure by passing an empty image to `tf.raw_ops.DrawBoundingBoxes`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/ea34a18dc3f5c8d80a40ccca1404f343b5d55f91/tensorflow/core/kernels/image/d
nvd
CVE-2021-29547 | MEDIUM | CVSS 5.5 | CWE-125 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a segfault and denial of service via accessing data outside of bounds in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorf
nvd
CVE-2021-29564 | MEDIUM | CVSS 5.5 | CWE-476 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.EditDistance`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/79865b542f9ffdc9caeb255631f7c56f1d4b6517/tensorflow/core/kernels/edit_distance_op.cc#L103-L159)
nvd
CVE-2021-29521 | MEDIUM | CVSS 5.5 | CWE-131 | ≥ 2.3.0, < 2.3.3; ≥ 2.4.0, < 2.4.2 | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from the standard library as `std::vector` invariants are broken. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/8f7b60ee8c
nvd
CVE-2021-29557 | MEDIUM | CVSS 5.5 | CWE-369 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.SparseMatMul`. The division by 0 occurs deep in Eigen code because the `b` tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, Tens
nvd
CVE-2021-29534 | MEDIUM | CVSS 5.5 | CWE-754 | fixed in 2.1.4; ≥ 2.2.0, < 2.2.3; +2 more | 2021-05-14
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.SparseConcat`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/b432a38fe0e1b4b904a6c222cbce794c39703e87/tensorflow/core/kernels/sparse_concat_op.cc#L76) takes the values
nvd