BIT-tensorflow-2021-29569

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/tensorflow/BIT-tensorflow-2021-29569.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-tensorflow-2021-29569
Aliases
Published
2024-03-06T11:18:58.581Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.raw_ops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation(https://github.com/tensorflow/tensorflow/blob/ac328eaa3870491ababc147822cd04e91a790643/tensorflow/core/kernels/requantizationrangeop.cc#L49-L50) assumes that the input_min and input_max tensors have at least one element, as it accesses the first element in two arrays. If the tensors are empty, .flat<T>() is an empty object, backed by an empty array. Hence, accesing even the 0th element is a read outside the bounds. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

References

Affected packages

Bitnami / tensorflow

Package

Name
tensorflow
Purl
pkg:bitnami/tensorflow

Severity

  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.4
Introduced
2.2.0
Fixed
2.2.3
Introduced
2.3.0
Fixed
2.3.3
Introduced
2.4.0
Fixed
2.4.2