- Description
- TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc) does not validate all constraints specified in the op's contract(https://www.tensorflow.org/api_docs/python/tf/raw_ops/QuantizedBatchNormWithGlobalNormalization). The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:N/A:P
- security-advisories@github.com
- CWE-369
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "323ABCCE-24EB-47CC-87F6-48C101477587",
"versionEndExcluding": "2.1.4"
},
{
"criteria": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64ABA90C-0649-4BB0-89C9-83C14BBDCC0F",
"versionEndExcluding": "2.2.3",
"versionStartIncluding": "2.2.0"
},
{
"criteria": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F83E0CF-CBF6-4C24-8683-3E7A5DC95BA9",
"versionEndExcluding": "2.3.3",
"versionStartIncluding": "2.3.0"
},
{
"criteria": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8259531B-A8AC-4F8B-B60F-B69DE4767C03",
"versionEndExcluding": "2.4.2",
"versionStartIncluding": "2.4.0"
}
],
"operator": "OR"
}
]
}
]