Multiple vulnerabilities in TensorFlow



Published: 2022-12-05
Risk High
Patch available YES
Number of vulnerabilities 10
CVE-ID CVE-2022-41900
CVE-2022-35991
CVE-2022-35935
CVE-2022-41910
CVE-2022-41911
CVE-2022-41909
CVE-2022-41908
CVE-2022-41907
CVE-2022-41902
CVE-2022-41901
CWE-ID CWE-119
CWE-617
CWE-704
CWE-20
CWE-787
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
TensorFlow
Server applications / Other server solutions

Vendor TensorFlow

Security Bulletin

This security bulletin contains information about 10 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU69885

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-41900

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the FractionalMaxPool and FractionalAvgPool. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.8.0 - 2.8.3, 2.9.0 - 2.9.2, 2.10.0


CPE2.3 External links

http://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472
http://github.com/tensorflow/tensorflow/commit/216525144ee7c910296f5b05d214ca1327c9ce48

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Reachable Assertion

EUVDB-ID: #VU69911

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-35991

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in "TensorListScatter" and "TensorListScatterV2" in eager mode. A remote attacker can cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.8.0 - 2.8.3, 2.9.0 - 2.9.2, 2.10.0


CPE2.3 External links

http://github.com/tensorflow/tensorflow/commit/bb03fdf4aae944ab2e4b35c7daa051068a8b7f61
http://github.com/tensorflow/tensorflow/security/advisories/GHSA-vm7x-4qhj-rrcq

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Reachable Assertion

EUVDB-ID: #VU69910

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-35935

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in SobolSample. A remote attacker can cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.8.0 - 2.8.3, 2.9.0 - 2.9.2, 2.10.0


CPE2.3 External links

http://github.com/tensorflow/tensorflow/security/advisories/GHSA-97p7-w86h-vcf9
http://github.com/tensorflow/tensorflow/commit/c65c67f88ad770662e8f191269a907bf2b94b1bf

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Buffer overflow

EUVDB-ID: #VU69907

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-41910

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in QuantizeAndDequantizeV2. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.8.0 - 2.8.3, 2.9.0 - 2.9.2, 2.10.0


CPE2.3 External links

http://github.com/tensorflow/tensorflow/security/advisories/GHSA-frqp-wp83-qggv

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Type conversion

EUVDB-ID: #VU69906

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-41911

CWE-ID: CWE-704 - Incorrect Type Conversion or Cast (Type Conversion)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to invalid char to bool conversion when printing a tensor. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.8.0 - 2.8.3, 2.9.0 - 2.9.2, 2.10.0


CPE2.3 External links

http://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508
http://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227
http://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Input validation error

EUVDB-ID: #VU69905

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-41909

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in CompositeTensorVariantToComponents. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.8.0 - 2.8.3, 2.9.0 - 2.9.2, 2.10.0


CPE2.3 External links

http://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjx6-v474-2ch9
http://github.com/tensorflow/tensorflow/commit/660ce5a89eb6766834bdc303d2ab3902aef99d3d
http://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc
http://github.com/tensorflow/tensorflow/commit/bf594d08d377dc6a3354d9fdb494b32d45f91971

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Input validation error

EUVDB-ID: #VU69904

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-41908

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in PyFunc. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.8.0 - 2.8.3, 2.9.0 - 2.9.2, 2.10.0


CPE2.3 External links

http://github.com/tensorflow/tensorflow/commit/9f03a9d3bafe902c1e6beb105b2f24172f238645
http://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc
http://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Buffer overflow

EUVDB-ID: #VU69891

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-41907

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in ResizeNearestNeighborGrad. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.8.0 - 2.8.3, 2.9.0 - 2.9.2, 2.10.0


CPE2.3 External links

http://github.com/tensorflow/tensorflow/commit/00c821af032ba9e5f5fa3fe14690c8d28a657624
http://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/resize_nearest_neighbor_op.cc
http://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Out-of-bounds write

EUVDB-ID: #VU69887

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-41902

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in grappler. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.8.0 - 2.8.3, 2.9.0 - 2.9.2, 2.10.0


CPE2.3 External links

http://github.com/tensorflow/tensorflow/security/advisories/GHSA-cg88-rpvp-cjv5

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Input validation error

EUVDB-ID: #VU69886

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-41901

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in SparseMatrixNNZ. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.8.0 - 2.8.3, 2.9.0 - 2.9.2, 2.10.0


CPE2.3 External links

http://github.com/tensorflow/tensorflow/commit/f856d02e5322821aad155dad9b3acab1e9f5d693
http://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9fm-r5mm-rf9f
http://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse/sparse_matrix.h

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###