CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2022-29200 – Missing validation causes denial of service in TensorFlow via `LSTMBlockCell`
https://notcve.org/view.php?id=CVE-2022-29200
20 May 2022 — TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LSTMBlockCell` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate the ranks of any of the arguments to this API call. This results in `CHECK`-failures when the elements of the tensor are accessed. • https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/rnn/lstm_ops.cc • CWE-20: Improper Input Validation CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2022-29193 – Missing validation causes `TensorSummaryV2` in TensorFlow to crash
https://notcve.org/view.php?id=CVE-2022-29193
20 May 2022 — TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.TensorSummaryV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. TensorFlow es una plataforma de código abierto para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/summary_tensor_op.cc#L33-L58 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2022-29194 – Missing validation causes denial of service via `DeleteSessionTensor` in TensorFlow
https://notcve.org/view.php?id=CVE-2022-29194
20 May 2022 — TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.DeleteSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. TensorFlow es una plataforma de código abierto para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/session_ops.cc#L128-L144 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2022-29191 – Missing validation causes denial of service via `GetSessionTensor` in TensorFlow
https://notcve.org/view.php?id=CVE-2022-29191
20 May 2022 — TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.GetSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. TensorFlow es una plataforma de código abierto para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/session_ops.cc#L94-L112 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2022-29192 – Missing validation crashes `QuantizeAndDequantizeV4Grad` in TensorFlow
https://notcve.org/view.php?id=CVE-2022-29192
20 May 2022 — TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. TensorFlow es una plataforma de código abierto para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L148-L226 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23561 – Out of bounds write in TFLite
https://notcve.org/view.php?id=CVE-2022-23561
04 Feb 2022 — Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions. The fix will be included in TensorFlow 2.8.0. • https://github.com/tensorflow/tensorflow/commit/6c0b2b70eeee588591680f5b7d5d38175fd7cdf6 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-23557 – Division by zero in TFLite
https://notcve.org/view.php?id=CVE-2022-23557
04 Feb 2022 — Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in `BiasAndClamp` implementation. There is no check that the `bias_size` is non zero. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/internal/common.h#L75 • CWE-369: Divide By Zero •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2CVE-2022-23558 – Integer overflow in TFLite array creation
https://notcve.org/view.php?id=CVE-2022-23558
04 Feb 2022 — Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in `TfLiteIntArrayCreate`. The `TfLiteIntArrayGetSizeInBytes` returns an `int` instead of a `size_t. An attacker can control model inputs such that `computed_size` overflows the size of `int` datatype. The fix will be included in TensorFlow 2.8.0. • https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/c/common.c#L24-L33 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-23570 – Null-dereference in Tensorflow
https://notcve.org/view.php?id=CVE-2022-23570
04 Feb 2022 — Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a `DCHECK`. However, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the dereferencing of the null pointer, whereas in the second case it results in a crash due to the assertion failure. • https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/full_type_util.cc#L104-L106 • CWE-476: NULL Pointer Dereference CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23564 – Reachable Assertion in Tensorflow
https://notcve.org/view.php?id=CVE-2022-23564
04 Feb 2022 — Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/commit/14fea662350e7c26eb5fe1be2ac31704e5682ee6 • CWE-617: Reachable Assertion •