SB2022020340 - Multiple vulnerabilities in TensorFlow
Published: February 3, 2022 Updated: February 5, 2024
Description
This security bulletin contains information about 23 security vulnerabilities.
1) Reachable Assertion (CVE-ID: CVE-2022-23571)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion. A remote user can pass specially crafted user-controlled arguments and cause a denial of service.
2) Division by zero (CVE-ID: CVE-2022-23557)
The vulnerability allows a remote user to perform a denial of service attack.
The vulnerability exists due to a division by zero error when parsing a TFLite model in the `BiasAndClamp` implementation. A remote user can pass a specially crafted TFLite model to the application and crash it.
3) Out-of-bounds write (CVE-ID: CVE-2022-23574)
The vulnerability allows a remote user to compromise the vulnerable system.
The vulnerability exists due to a typo in TensorFlow's SpecializeType. A remote user can pass a specially crafted file, trigger an out-of-bounds write and execute arbitrary code on the target system.
4) Reachable Assertion (CVE-ID: CVE-2022-23565)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion. A remote user can trigger an assertion failure by altering a `SavedModel` on disk such that the `AttrDef`s of some operation are duplicated, causing a denial of service.
5) Memory leak (CVE-ID: CVE-2022-23578)
The vulnerability allows a remote user to leak memory and perform a DoS attack on the target system.
The vulnerability exists due to a memory leak in the implementation of ImmutableExecutorState::Initialize when a graph node is invalid. A remote user can force the application to leak memory and perform a denial of service attack.
6) Integer overflow (CVE-ID: CVE-2022-23562)
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to an integer overflow in the implementation of Range. A remote user can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
7) Out-of-bounds write (CVE-ID: CVE-2022-23566)
The vulnerability allows a remote user to compromise the vulnerable system.
The vulnerability exists due to a boundary error in the set_output() function in Grappler when processing untrusted input. A remote user can pass a specially crafted file, trigger an out-of-bounds write and execute arbitrary code on the target system.
8) Exposure of Resource to Wrong Sphere (CVE-ID: CVE-2022-23563)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper implementation of security restrictions in the mktemp() function. A local user can create a specially crafted file and escalate privileges on the system.
9) Use of uninitialized resource (CVE-ID: CVE-2022-23573)
The vulnerability allows a remote user to compromise the target system.
The vulnerability exists due to the implementation of `AssignOp`, which can result in copying uninitialized data to a new tensor. A remote user can pass specially crafted data to the application, trigger uninitialized usage of resources and execute arbitrary code on the system.
10) Out-of-bounds write (CVE-ID: CVE-2022-23560)
The vulnerability allows a remote user to compromise the vulnerable system.
The vulnerability exists due to a boundary error when processing a TFLite model. A remote user can pass a specially crafted TFLite model to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.
11) Integer overflow (CVE-ID: CVE-2022-23559)
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to an integer overflow when processing a TFLite model. A remote user can pass a specially crafted TFLite model to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
12) Reachable Assertion (CVE-ID: CVE-2022-23583)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion. A remote user can alter a SavedModel such that any binary op would trigger CHECK failures and cause a denial of service.
13) Integer overflow (CVE-ID: CVE-2022-23587)
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to an integer overflow in the Grappler component. A remote user can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
14) Improper Check for Unusual or Exceptional Conditions (CVE-ID: CVE-2022-23572)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling in the DCHECK() function. A remote user can send specially crafted data to the application and perform a denial of service (DoS) attack.
15) Use-after-free (CVE-ID: CVE-2022-23584)
The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to a use-after-free error when decoding PNG images. A remote attacker can pass a specially crafted PNG image, trigger a use-after-free error and execute arbitrary code on the system.
16) Reachable Assertion (CVE-ID: CVE-2022-23588)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion in Grappler. A remote user can alter a SavedModel and cause a denial of service.
17) Memory leak (CVE-ID: CVE-2022-23585)
The vulnerability allows a remote attacker to perform a DoS attack on the target system.
The vulnerability exists due to a memory leak in the png::CommonFreeDecode() function. A remote attacker can pass a specially crafted PNG image, cause a memory leak and perform a denial of service attack.
18) NULL pointer dereference (CVE-ID: CVE-2022-23570)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the DCHECK() function. A remote user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
19) Reachable Assertion (CVE-ID: CVE-2022-23581)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion in Grappler. A remote user can alter a SavedModel and cause a denial of service.
20) NULL pointer dereference (CVE-ID: CVE-2022-23595)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the BuildXlaCompilationCache() function. A remote user can pass a specially crafted file to the application and perform a denial of service (DoS) attack.
21) Reachable Assertion (CVE-ID: CVE-2022-23586)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion in function.cc. A remote user can alter a SavedModel and cause a denial of service.
22) Improper Check for Unusual or Exceptional Conditions (CVE-ID: CVE-2022-21737)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling in the Bincount implementation. A remote user can send specially crafted data to the application and perform a denial of service (DoS) attack.
23) Integer overflow (CVE-ID: CVE-2022-21738)
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to an integer overflow in the implementation of SparseCountSparseOutput. A remote user can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Remediation
Install update from vendor's website.