CVE-2021-37653 – Division by 0 in `ResourceGather` in TensorFlow
https://notcve.org/view.php?id=CVE-2021-37653
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a floating point exception in `tf.raw_ops.ResourceGather`. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L725-L731) computes the value of a value, `batch_size`, and then divides by it without checking that this value is not 0. We have patched the issue in GitHub commit ac117ee8a8ea57b73d34665cdf00ef3303bc0b11. The fix will be included in TensorFlow 2.6.0. • https://github.com/tensorflow/tensorflow/commit/ac117ee8a8ea57b73d34665cdf00ef3303bc0b11 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjj8-32p7-h289 • CWE-369: Divide By Zero •
CVE-2021-37642 – Division by 0 in `ResourceScatterDiv` in TensorFlow
https://notcve.org/view.php?id=CVE-2021-37642
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.ResourceScatterDiv` is vulnerable to a division by 0 error. The [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/resource_variable_ops.cc#L865) uses a common class for all binary operations but fails to treat the division by 0 case separately. We have patched the issue in GitHub commit 4aacb30888638da75023e6601149415b39763d76. The fix will be included in TensorFlow 2.6.0. • https://github.com/tensorflow/tensorflow/commit/4aacb30888638da75023e6601149415b39763d76 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-ch4f-829c-v5pw • CWE-369: Divide By Zero •
CVE-2021-37640 – Integer division by 0 in sparse reshaping in TensorFlow
https://notcve.org/view.php?id=CVE-2021-37640
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.SparseReshape` can be made to trigger an integral division by 0 exception. The [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/reshape_util.cc#L176-L181) calls the reshaping functor whenever there is at least an index in the input but does not check that shape of the input or the target shape have both a non-zero number of elements. The [reshape functor](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/reshape_util.cc#L40-L78) blindly divides by the dimensions of the target shape. Hence, if this is not checked, code will result in a division by 0. • https://github.com/tensorflow/tensorflow/commit/4923de56ec94fff7770df259ab7f2288a74feb41 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-95xm-g58g-3p88 • CWE-369: Divide By Zero •
CVE-2021-37636 – Floating point exception in `SparseDenseCwiseDiv` in TensorFlow
https://notcve.org/view.php?id=CVE-2021-37636
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.SparseDenseCwiseDiv` is vulnerable to a division by 0 error. The [implementation](https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825ffaba7a670d7747/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc#L56) uses a common class for all binary operations but fails to treat the division by 0 case separately. We have patched the issue in GitHub commit d9204be9f49520cdaaeb2541d1dc5187b23f31d9. The fix will be included in TensorFlow 2.6.0. • https://github.com/tensorflow/tensorflow/commit/d9204be9f49520cdaaeb2541d1dc5187b23f31d9 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hp4c-x6r7-6555 • CWE-369: Divide By Zero •