Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS05ajR2LXBwMjgtbXh2N84AAu2F

TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannel`

Impact

If FakeQuantWithMinMaxVarsPerChannel is given min or max tensors of a rank other than one, it results in a CHECK fail that can be used to trigger a denial of service attack.

import tensorflow as tf

num_bits = 8
narrow_range = False
inputs = tf.constant(0, shape=[4], dtype=tf.float32)
min = tf.constant([], shape=[4,0,0], dtype=tf.float32)
max = tf.constant(0, shape=[4], dtype=tf.float32)
tf.raw_ops.FakeQuantWithMinMaxVarsPerChannel(inputs=inputs, min=min, max=max, num_bits=num_bits, narrow_range=narrow_range)

Patches

We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0.

The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported by Neophytos Christou, Secure Systems Labs, Brown University.

Permalink: https://github.com/advisories/GHSA-9j4v-pp28-mxv7
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS05ajR2LXBwMjgtbXh2N84AAu2F
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 1 year ago
Updated: 10 months ago

CVSS Score: 5.9
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Identifiers: GHSA-9j4v-pp28-mxv7, CVE-2022-36019
References:

Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS05ajR2LXBwMjgtbXh2N84AAu2F

Impact

Patches

For more information

Attribution

Affected Packages

pypi:tensorflow-gpu

pypi:tensorflow-cpu

pypi:tensorflow