CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2022-29194 – Missing validation causes denial of service via `DeleteSessionTensor` in TensorFlow
https://notcve.org/view.php?id=CVE-2022-29194
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.DeleteSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. TensorFlow es una plataforma de código abierto para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/session_ops.cc#L128-L144 https://github.com/tensorflow/tensorflow/commit/cff267650c6a1b266e4b4500f69fbc49cdd773c5 https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4 https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2 https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1 https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0 https://github.com/tensorflow/tensorflow/security/adv • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2022-29191 – Missing validation causes denial of service via `GetSessionTensor` in TensorFlow
https://notcve.org/view.php?id=CVE-2022-29191
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.GetSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. TensorFlow es una plataforma de código abierto para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/session_ops.cc#L94-L112 https://github.com/tensorflow/tensorflow/commit/48305e8ffe5246d67570b64096a96f8e315a7281 https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4 https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2 https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1 https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0 https://github.com/tensorflow/tensorflow/security/advi • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2022-29192 – Missing validation crashes `QuantizeAndDequantizeV4Grad` in TensorFlow
https://notcve.org/view.php?id=CVE-2022-29192
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. TensorFlow es una plataforma de código abierto para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L148-L226 https://github.com/tensorflow/tensorflow/commit/098e7762d909bac47ce1dbabe6dfd06294cb9d58 https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4 https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2 https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1 https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0 https://github.com/tensorflow/tensorflow • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-23592 – Out of bounds read in Tensorflow
https://notcve.org/view.php?id=CVE-2022-23592
Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a `DCHECK` (which is a no-op during production). An attacker can control the `input_idx` variable such that `ix` would be larger than the number of values in `node_t.args`. The fix will be included in TensorFlow 2.8.0. This is the only affected version. • https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L223-L229 https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vq36-27g6-p492 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-23593 – Segfault in `simplifyBroadcast` in Tensorflow
https://notcve.org/view.php?id=CVE-2022-23593
Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes. If all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`. The fix will be included in TensorFlow 2.8.0. This is the only affected version. • https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205 https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2 • CWE-754: Improper Check for Unusual or Exceptional Conditions •