CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 1CVE-2022-41880 – ThreadUnsafeUnigramCandidateSampler Heap out of bounds in Tensorflow
https://notcve.org/view.php?id=CVE-2022-41880
TensorFlow is an open source platform for machine learning. When the `BaseCandidateSamplerOp` function receives a value in `true_classes` larger than `range_max`, a heap oob read occurs. We have patched the issue in GitHub commit b389f5c944cadfdfe599b3f1e4026e036f30d2d4. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/candidate_sampler_ops.cc https://github.com/tensorflow/tensorflow/commit/b389f5c944cadfdfe599b3f1e4026e036f30d2d4 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-41899 – `CHECK` fail via inputs in `SdcaOptimizer` in Tensorflow
https://notcve.org/view.php?id=CVE-2022-41899
TensorFlow is an open source platform for machine learning. Inputs `dense_features` or `example_state_data` not of rank 2 will trigger a `CHECK` fail in `SdcaOptimizer`. We have patched the issue in GitHub commit 80ff197d03db2a70c6a111f97dcdacad1b0babfa. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sdca_internal.cc https://github.com/tensorflow/tensorflow/commit/80ff197d03db2a70c6a111f97dcdacad1b0babfa https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27rc-728f-x5w2 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-41896 – `tf.raw_ops.Mfcc` crashes in Tensorflow
https://notcve.org/view.php?id=CVE-2022-41896
TensorFlow is an open source platform for machine learning. If `ThreadUnsafeUnigramCandidateSampler` is given input `filterbank_channel_count` greater than the allowed max size, TensorFlow will crash. We have patched the issue in GitHub commit 39ec7eaf1428e90c37787e5b3fbd68ebd3c48860. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/mirror_pad_op.cc https://github.com/tensorflow/tensorflow/commit/39ec7eaf1428e90c37787e5b3fbd68ebd3c48860 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35 • CWE-20: Improper Input Validation CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-41884 – Seg fault in `ndarray_tensor_bridge` due to zero and large inputs in Tensorflow
https://notcve.org/view.php?id=CVE-2022-41884
TensorFlow is an open source platform for machine learning. If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. We have patched the issue in GitHub commit 2b56169c16e375c521a3bc8ea658811cc0793784. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/commit/2b56169c16e375c521a3bc8ea658811cc0793784 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636 • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-41893 – `CHECK_EQ` fail in `tf.raw_ops.TensorListResize` in Tensorflow
https://notcve.org/view.php?id=CVE-2022-41893
TensorFlow is an open source platform for machine learning. If `tf.raw_ops.TensorListResize` is given a nonscalar value for input `size`, it results `CHECK` fail which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 888e34b49009a4e734c27ab0c43b0b5102682c56. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/list_kernels.cc https://github.com/tensorflow/tensorflow/commit/888e34b49009a4e734c27ab0c43b0b5102682c56 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-67pf-62xr-q35m • CWE-617: Reachable Assertion •