Log

CVE-2021-37669 created at 13 Aug 2021 07:57:58
Severity
+ High
Remote
+ Local
Type
+ Denial of service
Description
+ In TensorFlow before version 2.6.0 an attacker can cause denial of service in applications serving models using tf.raw_ops.NonMaxSuppressionV5 by triggering a division by 0. The implementation uses a user controlled argument to resize a std::vector. However, as std::vector::resize takes the size argument as a size_t and output_size is an int, there is an implicit conversion to unsigned. If the attacker supplies a negative value, this conversion results in a crash. A similar issue occurs in CombinedNonMaxSuppression (see commit b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58).
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vmjw-c2vp-p33c
+ https://github.com/tensorflow/tensorflow/commit/3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d
+ https://github.com/tensorflow/tensorflow/commit/b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58
Notes
CVE-2021-37670 created at 13 Aug 2021 07:57:58
Severity
+ Medium
Remote
+ Local
Type
+ Information disclosure
Description
+ In TensorFlow before version 2.6.0 an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.raw_ops.UpperBound. The implementation does not validate the rank of the sorted_input argument. A similar issue occurs in tf.raw_ops.LowerBound.
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9697-98pf-4rw7
+ https://github.com/tensorflow/tensorflow/commit/42459e4273c2e47a3232cc16c4f4fff3b3a35c38
Notes
CVE-2021-37671 created at 13 Aug 2021 07:57:58
Severity
+ Low
Remote
+ Local
Type
+ Insufficient validation
Description
+ In TensorFlow before version 2.6.0 an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.Map* and tf.raw_ops.OrderedMap* operations. The implementation has a check in place to ensure that indices is in ascending order, but does not check that indices is not empty.
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qr82-2c78-4m8h
+ https://github.com/tensorflow/tensorflow/commit/532f5c5a547126c634fefd43bbad1dc6417678ac
Notes
CVE-2021-37672 created at 13 Aug 2021 07:57:58
Severity
+ Medium
Remote
+ Local
Type
+ Information disclosure
Description
+ In TensorFlow before version 2.6.0 an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.raw_ops.SdcaOptimizerV2. The implementation does not check that the length of example_labels is the same as the number of examples.
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hj3-vjjf-f5m7
+ https://github.com/tensorflow/tensorflow/commit/a4e138660270e7599793fa438cd7b2fc2ce215a6
Notes
CVE-2021-37673 created at 13 Aug 2021 07:57:58
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In TensorFlow before version 2.6.0 an attacker can trigger a denial of service via a CHECK-fail in tf.raw_ops.MapStage. The implementation does not check that the key input is a valid non-empty tensor.
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-278g-rq84-9hmg
+ https://github.com/tensorflow/tensorflow/commit/d7de67733925de196ec8863a33445b73f9562d1d
Notes
CVE-2021-37674 created at 13 Aug 2021 07:57:58
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In TensorFlow before version 2.6.0 an attacker can trigger a denial of service via a segmentation fault in tf.raw_ops.MaxPoolGrad caused by missing validation. The implementation misses some validation for the orig_input and orig_output tensors. The fixes for CVE-2021-29579 were incomplete.
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7ghq-fvr3-pj2x
+ https://github.com/tensorflow/tensorflow/commit/136b51f10903e044308cf77117c0ed9871350475
Notes
CVE-2021-37676 created at 13 Aug 2021 07:57:58
Severity
+ Low
Remote
+ Local
Type
+ Insufficient validation
Description
+ In TensorFlow before version 2.6.0 an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.SparseFillEmptyRows. The shape inference implementation does not validate that the input arguments are not empty tensors.
References
+ https://github.com/tensorflow/tensorflow/commit/578e634b4f1c1c684d4b4294f9e5281b2133b3ed
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v768-w7m9-2vmm
Notes
CVE-2021-37675 created at 13 Aug 2021 07:57:57
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In TensorFlow before version 2.6.0 most implementations of convolution operators in TensorFlow are affected by a division by 0 vulnerability where an attacker can trigger a denial of service via a crash. The shape inference implementation is missing several validations before doing divisions and modulo operations.
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c8h-2mv3-49ww
+ https://github.com/tensorflow/tensorflow/commit/8a793b5d7f59e37ac7f3cd0954a750a2fe76bad4
Notes
CVE-2021-37677 created at 13 Aug 2021 07:57:57
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ In TensorFlow before version 2.6.0 the shape inference code for tf.raw_ops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation uses axis to select between two different values for minmax_rank, which is then used to retrieve tensor dimensions. However, the code assumes that axis can be either -1 or a value greater than -1, with no validation for the other values.
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qfpc-5pjr-mh26
+ https://github.com/tensorflow/tensorflow/commit/da857cfa0fde8f79ad0afdbc94e88b5d4bbec764
Notes
CVE-2021-37678 created at 13 Aug 2021 07:57:57
Severity
+ Critical
Remote
+ Local
Type
+ Arbitrary code execution
Description
+ In TensorFlow before version 2.6.0 TensorFlow and Keras can be tricked into performing arbitrary code execution when deserializing a Keras model from YAML format. The implementation uses yaml.unsafe_load, which can perform arbitrary code execution on the input. Given that YAML format support requires a significant amount of work, it has been removed for now.
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r6jx-9g48-2r5r
+ https://github.com/tensorflow/tensorflow/commit/23d6383eb6c14084a8fc3bdf164043b974818012
Notes