CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29562 – CHECK-fail in `tf.raw_ops.IRFFT`
https://notcve.org/view.php?id=CVE-2021-29562
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.IRFFT`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. TensorFlow es una plataforma de código abierto de extremo a extremo para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/commit/1c56f53be0b722ca657cbc7df461ed676c8642a2 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-36vm-xw34-x4pj • CWE-617: Reachable Assertion •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29563 – CHECK-fail in `tf.raw_ops.RFFT`
https://notcve.org/view.php?id=CVE-2021-29563
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/commit/31bd5026304677faa8a0b77602c6154171b9aec1 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-ph87-fvjr-v33w • CWE-617: Reachable Assertion •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29564 – Null pointer dereference in `EditDistance`
https://notcve.org/view.php?id=CVE-2021-29564
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.EditDistance`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/79865b542f9ffdc9caeb255631f7c56f1d4b6517/tensorflow/core/kernels/edit_distance_op.cc#L103-L159) has incomplete validation of the input parameters. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/commit/f4c364a5d6880557f6f5b6eb5cee2c407f0186b3 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-75f6-78jr-4656 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29565 – Null pointer dereference in `SparseFillEmptyRows`
https://notcve.org/view.php?id=CVE-2021-29565
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.SparseFillEmptyRows`. This is because of missing validation(https://github.com/tensorflow/tensorflow/blob/fdc82089d206e281c628a93771336bf87863d5e8/tensorflow/core/kernels/sparse_fill_empty_rows_op.cc#L230-L231) that was covered under a `TODO`. If the `dense_shape` tensor is empty, then `dense_shape_t.vec<>()` would cause a null pointer dereference in the implementation of the op. The fix will be included in TensorFlow 2.5.0. • https://github.com/tensorflow/tensorflow/commit/faa76f39014ed3b5e2c158593b1335522e573c7f https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r6pg-pjwc-j585 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29566 – Heap OOB access in `Dilation2DBackpropInput`
https://notcve.org/view.php?id=CVE-2021-29566
TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to `tf.raw_ops.Dilation2DBackpropInput`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/afd954e65f15aea4d438d0a219136fc4a63a573d/tensorflow/core/kernels/dilation_ops.cc#L321-L322) does not validate before writing to the output array. The values for `h_out` and `w_out` are guaranteed to be in range for `out_backprop` (as they are loop indices bounded by the size of the array). However, there are no similar guarantees relating `h_in_max`/`w_in_max` and `in_backprop`. • https://github.com/tensorflow/tensorflow/commit/3f6fe4dfef6f57e768260b48166c27d148f3015f https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pvrc-hg3f-58r6 • CWE-787: Out-of-bounds Write •