fix(deps): update dependency tensorflow to <2.12.2,>=2.12.1 [security] #205
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
<2.11.0,>=2.10.0
-><2.12.2,>=2.12.1
GitHub Vulnerability Alerts
CVE-2023-25658
Impact
Out of bounds read in GRUBlockCellGrad
Patches
We have patched the issue in GitHub commit ff459137c2716a2a60f7d441b855fcb466d778cb.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx.
CVE-2023-27579
Impact
Constructing a tflite model with a paramater
filter_input_channel
of less than 1 gives a FPE.Patches
We have patched the issue in GitHub commit 34f8368c535253f5c9cb3a303297743b62442aaa.
The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability was reported by Wang Xuan of Qihoo 360 AIVul Team.
CVE-2023-25801
Impact
nn_ops.fractional_avg_pool_v2
andnn_ops.fractional_max_pool_v2
require the first and fourth elements of their parameterpooling_ratio
to be equal to 1.0, as pooling on batch and channel dimensions is not supported.Patches
We have patched the issue in GitHub commit ee50d1e00f81f62a4517453f721c634bbb478307.
The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability was reported by dmc1778, of nimashiri2012@gmail.com.
CVE-2023-25676
Impact
When running with XLA,
tf.raw_ops.ParallelConcat
segfaults with a nullptr dereference when given a parametershape
with rank that is not greater than zero.Patches
We have patched the issue in GitHub commit da66bc6d5ff466aee084f9e7397980a24890cd15.
The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx of 360 AIVul Team
CVE-2023-25675
Impact
When running with XLA,
tf.raw_ops.Bincount
segfaults when given a parameterweights
that is neither the same shape as parameterarr
nor a length-0 tensor.Patches
We have patched the issue in GitHub commit 8ae76cf085f4be26295d2ecf2081e759e04b8acf.
The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx of 360 AIVul Team
CVE-2023-25674
Impact
NPE in RandomShuffle with XLA enable
Patches
We have patched the issue in GitHub commit 728113a3be690facad6ce436660a0bc1858017fa.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx
CVE-2023-25673
Impact
FPE in TensorListSplit with XLA
Patches
We have patched the issue in GitHub commit 728113a3be690facad6ce436660a0bc1858017fa.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx
CVE-2023-25672
Impact
The function
tf.raw_ops.LookupTableImportV2
cannot handle scalars in thevalues
parameter and gives an NPE.Patches
We have patched the issue in GitHub commit 980b22536abcbbe1b4a5642fc940af33d8c19b69.
The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx of 360 AIVul Team
CVE-2023-25671
Impact
Out-of-bounds access due to mismatched integer type sizes in ValueMap::Manager::GetValueOrCreatePlaceholder. Bug with tfg-translate call to InitMlir. The problem happens with generic functions, as it is already handled for non-generic functions. This is because they, unlike non-generic functions, are using the "old importer". A better long-term solution may be to have the "new importer" handle generic functions.
Patches
We have patched the issue in GitHub
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx
Affiliation
360 AIVul
CVE-2023-25670
Impact
NPE in QuantizedMatMulWithBiasAndDequantize with MKL enable
Patches
We have patched the issue in GitHub commit 8a47a39d9697969206d23a523c977238717e8727.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx
CVE-2023-25669
Impact
If the stride and window size are not positive for
tf.raw_ops.AvgPoolGrad
, it can give an FPE.Patches
We have patched the issue in GitHub commit 1295ae4dbb52fe06b19733b0257e2340d7b63b8d.
The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx of 360 AIVul Team
CVE-2023-25668
Impact
Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE.
When axis is larger than the dim of input, c->Dim(input,axis) goes out of bound.
Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Grad operations too.
Patches
We have patched the issue in GitHub commit 7b174a0f2e40ff3f3aa957aecddfd5aaae35eccb.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
CVE-2023-25667
Impact
Integer overflow occurs when 2^31 <= num_frames * height * width * channels < 2^32, for example Full HD screencast of at least 346 frames.
Patches
We have patched the issue in GitHub commit 8dc723fcdd1a6127d6c970bd2ecb18b019a1a58d.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Andrei
CVE-2023-25666
Impact
version:2.11.0 //core/ops/audio_ops.cc:70
Status SpectrogramShapeFn(InferenceContext* c) { ShapeHandle input; TF_RETURN_IF_ERROR(c->WithRank(c->input(0), 2, &input)); int32_t window_size; TF_RETURN_IF_ERROR(c->GetAttr("window_size", &window_size)); int32_t stride; TF_RETURN_IF_ERROR(c->GetAttr("stride", &stride)); .....[1]
DimensionHandle input_length = c->Dim(input, 0); DimensionHandle input_channels = c->Dim(input, 1);
DimensionHandle output_length; if (!c->ValueKnown(input_length)) { output_length = c->UnknownDim(); } else { const int64_t input_length_value = c->Value(input_length); const int64_t length_minus_window = (input_length_value - window_size); int64_t output_length_value; if (length_minus_window < 0) { output_length_value = 0; } else { output_length_value = 1 + (length_minus_window / stride); .....[2] } output_length = c->MakeDim(output_length_value); }
Get the value of stride at [1], and the used at [2]
Patches
We have patched the issue in GitHub commit d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx
CVE-2023-25665
Impact
When
SparseSparseMaximum
is given invalid sparse tensors as inputs, it can give an NPE.Patches
We have patched the issue in GitHub commit 5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04.
The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Yu Tian of Qihoo 360 AIVul Team
CVE-2023-25664
Impact
Patches
We have patched the issue in GitHub commit ddaac2bdd099bec5d7923dea45276a7558217e5b.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by [email protected]
CVE-2023-25663
Impact
When ctx->step_containter() is a null ptr, the Lookup function will be executed with a null pointer.
Patches
We have patched the issue in GitHub commit 239139d2ae6a81ae9ba499ad78b56d9b2931538a.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Yu Tian
CVE-2023-25662
Impact
TFversion 2.11.0 //tensorflow/core/ops/array_ops.cc:1067 const Tensor* hypothesis_shape_t = c->input_tensor(2); std::vector dims(hypothesis_shape_t->NumElements() - 1); for (int i = 0; i < dims.size(); ++i) { dims[i] = c->MakeDim(std::max(h_values(i), t_values(i))); }
if hypothesis_shape_t is empty, hypothesis_shape_t->NumElements() - 1 will be integer overflow, and the it will deadlock
Patches
We have patched the issue in GitHub commit 08b8e18643d6dcde00890733b270ff8d9960c56c.
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by r3pwnx
CVE-2023-25660
Impact
When the parameter
summarize
oftf.raw_ops.Print
is zero, the new methodSummarizeArray<bool>
will reference to a nullptr, leading to a seg fault.Patches
We have patched the issue in GitHub commit 6d423b8bcc9aa9f5554dc988c1c16d038b508df1.
The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Yu Tian of Qihoo 360 AIVul Team
CVE-2023-25659
Impact
If the parameter
indices
forDynamicStitch
does not match the shape of the parameterdata
, it can trigger an stack OOB read.Patches
We have patched the issue in GitHub commit ee004b18b976eeb5a758020af8880236cd707d05.
The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This has been reported via Google OSS VRP.
CVE-2023-25661
Impact
A malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack.
To minimize the bug, we built a simple single-layer TensorFlow model containing a Convolution3DTranspose layer, which works well with expected inputs and can be deployed in real-world systems. However, if we call the model with a malicious input which has a zero dimension, it gives Check Failed failure and crashes.
This Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services.
Patches
We have patched the issue in
The fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
CVE-2023-33976
Impact
array_ops.upper_bound
causes a segfault when not given a rank 2 tensor.Patches
We have patched the issue in GitHub commit 915884fdf5df34aaedd00fc6ace33a2cfdefa586.
The fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow 2.12.1.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by dmc1778
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.