Intel Optimization For Tensorflow vulnerabilities

CVE-2023-33976 [HIGH] CWE-190 TensorFlow has segfault in array_ops.upper_bound TensorFlow has segfault in array_ops.upper_bound ### Impact `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. ### Patches We have patched the issue in GitHub commit [915884fdf5df34aaedd00fc6ace33a2cfdefa586](https://github.com/tensorflow/tensorflow/commit/915884fdf5df34aaedd00fc6ace33a2cfdefa586). The fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow

CVE-2023-30767 [MEDIUM] CWE-92 CVE-2023-30767: Improper buffer restrictions in Intel(R) Optimization for TensorFlow before version 2.13.0 may allow Improper buffer restrictions in Intel(R) Optimization for TensorFlow before version 2.13.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-27506 [HIGH] CWE-92 CVE-2023-27506: Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.1 Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-25661 [MEDIUM] CWE-20 TensorFlow Denial of Service vulnerability TensorFlow Denial of Service vulnerability ### Impact A malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. To minimize the bug, we built a simple single-layer TensorFlow model containing a Convolution3DTranspose layer, which works well with expected inputs and can be deployed in real-world systems. However, if we call the model with a malicious input wh

CVE-2023-25668 [CRITICAL] CWE-122 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation ### Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c->Dim(input,axis) goes out of bound. Same problem occurs in the Quantize

CVE-2023-25671 [HIGH] CWE-787 TensorFlow has segmentation fault in tfg-translate TensorFlow has segmentation fault in tfg-translate ### Impact Out-of-bounds access due to mismatched integer type sizes in ValueMap::Manager::GetValueOrCreatePlaceholder. Bug with tfg-translate call to InitMlir. The problem happens with generic functions, as it is already handled for non-generic functions. This is because they, unlike non-generic functions, are using the "old importer". A better long-term solution

CVE-2023-25801 [HIGH] CWE-415 TensorFlow has double free in Fractional(Max/Avg)Pool TensorFlow has double free in Fractional(Max/Avg)Pool ### Impact `nn_ops.fractional_avg_pool_v2` and `nn_ops.fractional_max_pool_v2` require the first and fourth elements of their parameter `pooling_ratio` to be equal to 1.0, as pooling on batch and channel dimensions is not supported. ```python import tensorflow as tf import os import numpy as np from tensorflow.python.ops import nn_ops try: arg_0_tensor = tf.

CVE-2023-25673 [HIGH] CWE-697 TensorFlow has Floating Point Exception in TensorListSplit with XLA TensorFlow has Floating Point Exception in TensorListSplit with XLA ### Impact FPE in TensorListSplit with XLA ```python import tensorflow as tf func = tf.raw_ops.TensorListSplit para = {'tensor': [1], 'element_shape': -1, 'lengths': [0]} @tf.function(jit_compile=True) def fuzz_jit(): y = func(**para) return y print(fuzz_jit()) ``` ### Patches We have patched the issue in GitHub commit [728113a

CVE-2023-27579 [HIGH] CWE-697 TensorFlow has Floating Point Exception in TFLite in conv kernel TensorFlow has Floating Point Exception in TFLite in conv kernel ### Impact Constructing a tflite model with a paramater `filter_input_channel` of less than 1 gives a FPE. ### Patches We have patched the issue in GitHub commit [34f8368c535253f5c9cb3a303297743b62442aaa](https://github.com/tensorflow/tensorflow/commit/34f8368c535253f5c9cb3a303297743b62442aaa). The fix will be included in TensorFlow 2

CVE-2023-25675 [HIGH] CWE-697 TensorFlow has Segfault in Bincount with XLA TensorFlow has Segfault in Bincount with XLA ### Impact When running with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor. ```python import tensorflow as tf func = tf.raw_ops.Bincount para={'arr': 6, 'size': 804, 'weights': [52, 351]} @tf.function(jit_compile=True) def fuzz_jit(): y = func(**para) return y print(fuzz_jit())

CVE-2023-25664 [HIGH] CWE-120 TensorFlow has Heap-buffer-overflow in AvgPoolGrad TensorFlow has Heap-buffer-overflow in AvgPoolGrad ### Impact ```python import os os.environ['TF_ENABLE_ONEDNN_OPTS'] = '0' import tensorflow as tf print(tf.__version__) with tf.device("CPU"): ksize = [1, 40, 128, 1] strides = [1, 128, 128, 30] padding = "SAME" data_format = "NHWC" orig_input_shape = [11, 9, 78, 9] grad = tf.saturate_cast(tf.random.uniform([16, 16, 16, 16], minval=-128, maxval=129, dtype=tf.int64),

CVE-2023-25666 [HIGH] CWE-697 TensorFlow has Floating Point Exception in AudioSpectrogram TensorFlow has Floating Point Exception in AudioSpectrogram ### Impact version:2.11.0 //core/ops/audio_ops.cc:70 Status SpectrogramShapeFn(InferenceContext* c) { ShapeHandle input; TF_RETURN_IF_ERROR(c->WithRank(c->input(0), 2, &input)); int32_t window_size; TF_RETURN_IF_ERROR(c->GetAttr("window_size", &window_size)); int32_t stride; TF_RETURN_IF_ERROR(c->GetAttr("stride", &stride)); .....[1] DimensionHa

CVE-2023-25670 [HIGH] CWE-476 TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize ### Impact NPE in QuantizedMatMulWithBiasAndDequantize with MKL enable ```python import tensorflow as tf func = tf.raw_ops.QuantizedMatMulWithBiasAndDequantize para={'a': tf.constant(138, dtype=tf.quint8), 'b': tf.constant(4, dtype=tf.qint8), 'bias': [[31.81644630432129, 47.21876525878906], [109.95201110839844, 152.079

CVE-2023-25658 [HIGH] CWE-125 TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad ### Impact Out of bounds read in GRUBlockCellGrad ```python func = tf.raw_ops.GRUBlockCellGrad para = {'x': [[21.1, 156.2], [83.3, 115.4]], 'h_prev': array([[136.5], [136.6]]), 'w_ru': array([[26.7, 0.8], [47.9, 26.1], [26.2, 26.3]]), 'w_c': array([[ 0.4], [31.5], [ 0.6]]), 'b_ru': array([0.1, 0.2 ], dtype=float32), 'b_c': 0x41414141, 'r'

CVE-2023-25659 [HIGH] CWE-125 TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch ### Impact If the parameter `indices` for `DynamicStitch` does not match the shape of the parameter `data`, it can trigger an stack OOB read. ```python import tensorflow as tf func = tf.raw_ops.DynamicStitch para={'indices': [[0xdeadbeef], [405], [519], [758], [1015]], 'data': [[110.27793884277344], [120.29475402832031], [157.2418212890625], [1

CVE-2023-25662 [HIGH] CWE-190 TensorFlow vulnerable to integer overflow in EditDistance TensorFlow vulnerable to integer overflow in EditDistance ### Impact TFversion 2.11.0 //tensorflow/core/ops/array_ops.cc:1067 const Tensor* hypothesis_shape_t = c->input_tensor(2); std::vector dims(hypothesis_shape_t->NumElements() - 1); for (int i = 0; i MakeDim(std::max(h_values(i), t_values(i))); } if hypothesis_shape_t is empty, hypothesis_shape_t->NumElements() - 1 will be integer overflow, and the it

CVE-2023-25663 [HIGH] CWE-476 TensorFlow has Null Pointer Error in TensorArrayConcatV2 TensorFlow has Null Pointer Error in TensorArrayConcatV2 ### Impact When ctx->step_containter() is a null ptr, the Lookup function will be executed with a null pointer. ```python import tensorflow as tf tf.raw_ops.TensorArrayConcatV2(handle=['a', 'b'], flow_in = 0.1, dtype=tf.int32, element_shape_except0=1) ``` ### Patches We have patched the issue in GitHub commit [239139d2ae6a81ae9ba499ad78b56d9b2931538a](

CVE-2023-25665 [HIGH] CWE-476 TensorFlow has Null Pointer Error in SparseSparseMaximum TensorFlow has Null Pointer Error in SparseSparseMaximum ### Impact When `SparseSparseMaximum` is given invalid sparse tensors as inputs, it can give an NPE. ```python import tensorflow as tf tf.raw_ops.SparseSparseMaximum( a_indices=[[1]], a_values =[ 0.1 ], a_shape = [2], b_indices=[[]], b_values =[2 ], b_shape = [2], ) ``` ### Patches We have patched the issue in GitHub commit [5e0ecfb42f5f65629fd7a4edd6

CVE-2023-25669 [HIGH] CWE-697 TensorFlow has Floating Point Exception in AvgPoolGrad with XLA TensorFlow has Floating Point Exception in AvgPoolGrad with XLA ### Impact If the stride and window size are not positive for `tf.raw_ops.AvgPoolGrad`, it can give an FPE. ```python import tensorflow as tf import numpy as np @tf.function(jit_compile=True) def test(): y = tf.raw_ops.AvgPoolGrad(orig_input_shape=[1,0,0,0], grad=[[[[0.39117979]]]], ksize=[1,0,0,0], strides=[1,0,0,0], padding="SAME", dat

CVE-2023-25676 [HIGH] CWE-476 TensorFlow has null dereference on ParallelConcat with XLA TensorFlow has null dereference on ParallelConcat with XLA ### Impact When running with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero. ```python import tensorflow as tf func = tf.raw_ops.ParallelConcat para = {'shape': 0, 'values': [1]} @tf.function(jit_compile=True) def test(): y = func(**para) return y test(