Vulnerability identifier: #VU49324
Vulnerability risk: Low
CVSSv3.1: 3.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-908
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
TensorFlow
Server applications /
Other server solutions
Vendor: TensorFlow
Description
The vulnerability allows a local user to bypass certain security restrictions.
The vulnerability exists due to usage of uninitialized resources in Eigen. Under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
TensorFlow: 2.0.0 - 2.0.3, 2.2.0 - 2.2.1, 2.3.0 - 2.3.1, 2.1.0 - 2.1.2, 1.15.0 - 1.15.4, 1.14.0, 1.13.1 - 1.13.2, 1.12.0 - 1.12.3, 1.11.0, 1.10.0 - 1.10.1, 1.9.0, 1.8.0, 1.7.0 - 1.7.1, 1.6.0, 1.5.0 - 1.5.1, 1.4.0 - 1.4.1, 1.3.0 - 1.3.1, 1.2.0 - 1.2.1, 1.1.0, 1.0.0 - 1.0.1
External links
http://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2
http://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2
http://github.com/tensorflow/tensorflow/releases/tag/v2.3.2
http://github.com/tensorflow/tensorflow/releases/tag/v2.2.2
http://github.com/tensorflow/tensorflow/releases/tag/v2.1.3
http://github.com/tensorflow/tensorflow/releases/tag/v2.0.4
http://github.com/tensorflow/tensorflow/releases/tag/v1.15.5
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.