Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS05ajR2LXBwMjgtbXh2N84AAu2F

Moderate EPSS: 0.00215% (0.44148 Percentile) EPSS:
Permalink JSON

TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannel`

Affected Packages Affected Versions Fixed Versions
pypi:tensorflow-gpu
PURL: pkg:pypi/tensorflow-gpu
>= 2.9.0, < 2.9.1, >= 2.8.0, < 2.8.1, < 2.7.2 2.9.1, 2.8.1, 2.7.2
155 Dependent packages
11,499 Dependent repositories
78,758 Downloads last month

Affected Version Ranges

All affected versions

0.12.0, 0.12.1, 1.0.0, 1.0.1, 1.1.0, 1.2.0, 1.2.1, 1.3.0, 1.4.0, 1.4.1, 1.5.0, 1.5.1, 1.6.0, 1.7.0, 1.7.1, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.12.2, 1.12.3, 1.13.1, 1.13.2, 1.14.0, 1.15.0, 1.15.2, 1.15.3, 1.15.4, 1.15.5, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.7.0, 2.7.1, 2.8.0, 2.9.0

All unaffected versions

2.7.2, 2.7.3, 2.7.4, 2.8.1, 2.8.2, 2.8.3, 2.8.4, 2.9.1, 2.9.2, 2.9.3, 2.10.0, 2.10.1, 2.11.0, 2.12.0
pypi:tensorflow-cpu
PURL: pkg:pypi/tensorflow-cpu
>= 2.9.0, < 2.9.1, >= 2.8.0, < 2.8.1, < 2.7.2 2.9.1, 2.8.1, 2.7.2
88 Dependent packages
2,483 Dependent repositories
909,001 Downloads last month

Affected Version Ranges

All affected versions

1.15.0, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.7.0, 2.7.1, 2.8.0, 2.9.0

All unaffected versions

2.7.2, 2.7.3, 2.7.4, 2.8.1, 2.8.2, 2.8.3, 2.8.4, 2.9.1, 2.9.2, 2.9.3, 2.10.0, 2.10.1, 2.11.0, 2.11.1, 2.12.0, 2.12.1, 2.13.0, 2.13.1, 2.14.0, 2.14.1, 2.15.0, 2.15.1, 2.16.1, 2.16.2, 2.17.0, 2.17.1, 2.18.0, 2.18.1, 2.19.0, 2.19.1, 2.20.0
pypi:tensorflow
PURL: pkg:pypi/tensorflow
>= 2.9.0, < 2.9.1, >= 2.8.0, < 2.8.1, < 2.7.2 2.9.1, 2.8.1, 2.7.2
2,172 Dependent packages
73,755 Dependent repositories
21,825,433 Downloads last month

Affected Version Ranges

All affected versions

0.12.0, 0.12.1, 1.0.0, 1.0.1, 1.1.0, 1.2.0, 1.2.1, 1.3.0, 1.4.0, 1.4.1, 1.5.0, 1.5.1, 1.6.0, 1.7.0, 1.7.1, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.12.2, 1.12.3, 1.13.1, 1.13.2, 1.14.0, 1.15.0, 1.15.2, 1.15.3, 1.15.4, 1.15.5, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.7.0, 2.7.1, 2.8.0, 2.9.0

All unaffected versions

2.7.2, 2.7.3, 2.7.4, 2.8.1, 2.8.2, 2.8.3, 2.8.4, 2.9.1, 2.9.2, 2.9.3, 2.10.0, 2.10.1, 2.11.0, 2.11.1, 2.12.0, 2.12.1, 2.13.0, 2.13.1, 2.14.0, 2.14.1, 2.15.0, 2.15.1, 2.16.1, 2.16.2, 2.17.0, 2.17.1, 2.18.0, 2.18.1, 2.19.0, 2.19.1

Impact

If FakeQuantWithMinMaxVarsPerChannel is given min or max tensors of a rank other than one, it results in a CHECK fail that can be used to trigger a denial of service attack.

import tensorflow as tf

num_bits = 8
narrow_range = False
inputs = tf.constant(0, shape=[4], dtype=tf.float32)
min = tf.constant([], shape=[4,0,0], dtype=tf.float32)
max = tf.constant(0, shape=[4], dtype=tf.float32)
tf.raw_ops.FakeQuantWithMinMaxVarsPerChannel(inputs=inputs, min=min, max=max, num_bits=num_bits, narrow_range=narrow_range)

Patches

We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0.

The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported by Neophytos Christou, Secure Systems Labs, Brown University.

References:

Identifiers

GHSA-9j4v-pp28-mxv7

CVE-2022-36019

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00215

EPSS Percentile: 0.44148

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/tensorflow/tensorflow

Date and time

Published

almost 3 years ago

Updated

over 2 years ago

API

JSON