CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-23570 – Null-dereference in Tensorflow
https://notcve.org/view.php?id=CVE-2022-23570
Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a `DCHECK`. However, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the dereferencing of the null pointer, whereas in the second case it results in a crash due to the assertion failure. • https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/full_type_util.cc#L104-L106 https://github.com/tensorflow/tensorflow/commit/8a513cec4bec15961fbfdedcaa5376522980455c https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9p77-mmrw-69c7 • CWE-476: NULL Pointer Dereference CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23564 – Reachable Assertion in Tensorflow
https://notcve.org/view.php?id=CVE-2022-23564
Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/commit/14fea662350e7c26eb5fe1be2ac31704e5682ee6 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8rcj-c8pj-v3m3 • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23565 – `CHECK`-failures in Tensorflow
https://notcve.org/view.php?id=CVE-2022-23565
Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a `SavedModel` on disk such that `AttrDef`s of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. Tensorflow es un Marco de Aprendizaje Automático de Código Abierto. • https://github.com/tensorflow/tensorflow/commit/c2b31ff2d3151acb230edc3f5b1832d2c713a9e0 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4v5p-v5h9-6xjx • CWE-617: Reachable Assertion •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23562 – Integer overflow in Tensorflow
https://notcve.org/view.php?id=CVE-2022-23562
Tensorflow is an Open Source Machine Learning Framework. The implementation of `Range` suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/commit/f0147751fd5d2ff23251149ebad9af9f03010732 https://github.com/tensorflow/tensorflow/issues/52676 https://github.com/tensorflow/tensorflow/pull/51733 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qx3f-p745-w4hr • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23563 – Insecure temporary file in Tensorflow
https://notcve.org/view.php?id=CVE-2022-23563
Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses `tempfile.mktemp` to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in `mktemp` and the actual creation of the file by a subsequent operation (a TOC/TOU type of weakness). In several instances, TensorFlow was supposed to actually create a temporary directory instead of a file. This logic bug is hidden away by the `mktemp` function usage. • https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wc4g-r73w-x8mm • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •