Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS04dzVnLTN3Y3YtOWcyas4AAv_l

Moderate EPSS: 0.00129% (0.33166 Percentile) EPSS:
Permalink JSON

Tensorflow vulnerable to Out-of-Bounds Read

Affected Packages Affected Versions Fixed Versions
pypi:tensorflow-gpu
PURL: pkg:pypi/tensorflow-gpu
>= 2.9.0, < 2.9.3, < 2.8.4, >= 2.10.0, < 2.10.1 2.9.3, 2.8.4, 2.10.1
155 Dependent packages
11,499 Dependent repositories
78,758 Downloads last month

Affected Version Ranges

All affected versions

0.12.0, 0.12.1, 1.0.0, 1.0.1, 1.1.0, 1.2.0, 1.2.1, 1.3.0, 1.4.0, 1.4.1, 1.5.0, 1.5.1, 1.6.0, 1.7.0, 1.7.1, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.12.2, 1.12.3, 1.13.1, 1.13.2, 1.14.0, 1.15.0, 1.15.2, 1.15.3, 1.15.4, 1.15.5, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.7.0, 2.7.1, 2.7.2, 2.7.3, 2.7.4, 2.8.0, 2.8.1, 2.8.2, 2.8.3, 2.9.0, 2.9.1, 2.9.2, 2.10.0

All unaffected versions

2.8.4, 2.9.3, 2.10.1, 2.11.0, 2.12.0
pypi:tensorflow-cpu
PURL: pkg:pypi/tensorflow-cpu
>= 2.9.0, < 2.9.3, < 2.8.4, >= 2.10.0, < 2.10.1 2.9.3, 2.8.4, 2.10.1
88 Dependent packages
2,483 Dependent repositories
909,001 Downloads last month

Affected Version Ranges

All affected versions

1.15.0, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.7.0, 2.7.1, 2.7.2, 2.7.3, 2.7.4, 2.8.0, 2.8.1, 2.8.2, 2.8.3, 2.9.0, 2.9.1, 2.9.2, 2.10.0

All unaffected versions

2.8.4, 2.9.3, 2.10.1, 2.11.0, 2.11.1, 2.12.0, 2.12.1, 2.13.0, 2.13.1, 2.14.0, 2.14.1, 2.15.0, 2.15.1, 2.16.1, 2.16.2, 2.17.0, 2.17.1, 2.18.0, 2.18.1, 2.19.0, 2.19.1, 2.20.0
pypi:tensorflow
PURL: pkg:pypi/tensorflow
>= 2.9.0, < 2.9.3, < 2.8.4, >= 2.10.0, < 2.10.1 2.9.3, 2.8.4, 2.10.1
2,172 Dependent packages
73,755 Dependent repositories
21,825,433 Downloads last month

Affected Version Ranges

All affected versions

0.12.0, 0.12.1, 1.0.0, 1.0.1, 1.1.0, 1.2.0, 1.2.1, 1.3.0, 1.4.0, 1.4.1, 1.5.0, 1.5.1, 1.6.0, 1.7.0, 1.7.1, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.12.2, 1.12.3, 1.13.1, 1.13.2, 1.14.0, 1.15.0, 1.15.2, 1.15.3, 1.15.4, 1.15.5, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.7.0, 2.7.1, 2.7.2, 2.7.3, 2.7.4, 2.8.0, 2.8.1, 2.8.2, 2.8.3, 2.9.0, 2.9.1, 2.9.2, 2.10.0

All unaffected versions

2.8.4, 2.9.3, 2.10.1, 2.11.0, 2.11.1, 2.12.0, 2.12.1, 2.13.0, 2.13.1, 2.14.0, 2.14.1, 2.15.0, 2.15.1, 2.16.1, 2.16.2, 2.17.0, 2.17.1, 2.18.0, 2.18.1, 2.19.0, 2.19.1

Impact

When the BaseCandidateSamplerOp function receives a value in true_classes larger than range_max, a heap oob vuln occurs.

tf.raw_ops.ThreadUnsafeUnigramCandidateSampler(
    true_classes=[[0x100000,1]],
    num_true = 2,
    num_sampled = 2,
    unique = False,
    range_max = 2,
    seed = 2,
    seed2 = 2)

Patches

We have patched the issue in GitHub commit b389f5c944cadfdfe599b3f1e4026e036f30d2d4.

The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported by Yu Tian of Qihoo 360 AIVul Team.

References:

Identifiers

GHSA-8w5g-3wcv-9g2j

CVE-2022-41880

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00129

EPSS Percentile: 0.33166

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/tensorflow/tensorflow

Date and time

Published

almost 3 years ago

Updated

over 2 years ago

API

JSON