CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29553 – Heap OOB in `QuantizeAndDequantizeV3`
https://notcve.org/view.php?id=CVE-2021-29553
TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in `tf.raw_ops.QuantizeAndDequantizeV3`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/11ff7f80667e6490d7b5174aa6bf5e01886e770f/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L237) does not validate the value of user supplied `axis` attribute before using it to index in the array backing the `input` argument. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/commit/99085e8ff02c3763a0ec2263e44daec416f6a387 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h9px-9vqg-222h • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29554 – Division by 0 in `DenseCountSparseOutput`
https://notcve.org/view.php?id=CVE-2021-29554
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.DenseCountSparseOutput`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/efff014f3b2d8ef6141da30c806faf141297eca1/tensorflow/core/kernels/count_ops.cc#L123-L127) computes a divisor value from user data but does not check that the result is 0 before doing the division. Since `data` is given by the `values` argument, `num_batch_elements` is 0. The fix will be included in TensorFlow 2.5.0. • https://github.com/tensorflow/tensorflow/commit/da5ff2daf618591f64b2b62d9d9803951b945e9f https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qg48-85hg-mqc5 • CWE-369: Divide By Zero •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 1CVE-2020-26266 – Uninitialized memory access in Eigen types in TensorFlow
https://notcve.org/view.php?id=CVE-2020-26266
In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0. En las versiones afectadas de TensorFlow, en determinados casos, un modelo guardado puede activar el uso de valores no inicializados durante la ejecución del código. Esto es debido a que los búferes de tensor se llenan con el valor predeterminado del tipo, pero se olvidan de inicializar por defecto los tipos de punto flotante cuantificados en Eigen. • https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2020-26267 – Lack of validation in data format attributes in TensorFlow
https://notcve.org/view.php?id=CVE-2020-26267
In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0. En las versiones afectadas de TensorFlow, la API tf.raw_ops.DataFormatVecPermute no comprueba los atributos src_format y dst_format. • https://github.com/tensorflow/tensorflow/commit/ebc70b7a592420d3d2f359e4b1694c236b82c7ae https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c9f3-9wfr-wgh7 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 1CVE-2020-26268 – Write to immutable memory region in TensorFlow
https://notcve.org/view.php?id=CVE-2020-26268
In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the memory area. If the file is too small, TensorFlow properly returns an error as the memory area has fewer bytes than what is needed for the tensor it creates. However, as soon as there are enough bytes, the above snippet causes a segmentation fault. This is because the allocator used to return the buffer data is not marked as returning an opaque handle since the needed virtual method is not overridden. • https://github.com/tensorflow/tensorflow/commit/c1e1fc899ad5f8c725dcbb6470069890b5060bc7 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hhvc-g5hv-48c6 • CWE-471: Modification of Assumed-Immutable Data (MAID) •