{ "schema_version": "1.4.0", "id": "GHSA-g25h-jr74-qp5j", "modified": "2024-11-13T20:57:19Z", "published": "2021-08-25T14:42:23Z", "aliases": [ "CVE-2021-37663" ], "summary": "Incomplete validation in `QuantizeV2`", "details": "### Impact \nDue to incomplete validation in `tf.raw_ops.QuantizeV2`, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.QuantizeV2(\n input=[1,2,3],\n min_range=[1,2],\n max_range=[],\n T=tf.qint32,\n mode='SCALED',\n round_mode='HALF_AWAY_FROM_ZERO',\n narrow_range=False,\n axis=1,\n ensure_minimum_range=3)\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/quantize_op.cc#L59) has some validation but does not check that `min_range` and `max_range` both have the same non-zero number of elements. If `axis` is provided (i.e., not `-1`), then validation should check that it is a value in range for the rank of `input` tensor and then the lengths of `min_range` and `max_range` inputs match the `axis` dimension of the `input` tensor.\n \n### Patches\nWe have patched the issue in GitHub commit [6da6620efad397c85493b8f8667b821403516708](https://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708).\n \nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" } ], "affected": [ { "package": { "ecosystem": "PyPI", "name": "tensorflow" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "2.3.4" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.4.0" }, { "fixed": "2.4.3" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.5.0" }, { "fixed": "2.5.1" } ] } ], "versions": [ "2.5.0" ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-cpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "2.3.4" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-cpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.4.0" }, { "fixed": "2.4.3" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-cpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.5.0" }, { "fixed": "2.5.1" } ] } ], "versions": [ "2.5.0" ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-gpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "2.3.4" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-gpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.4.0" }, { "fixed": "2.4.3" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-gpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.5.0" }, { "fixed": "2.5.1" } ] } ], "versions": [ "2.5.0" ] } ], "references": [ { "type": "WEB", "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g25h-jr74-qp5j" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37663" }, { "type": "WEB", "url": "https://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708" }, { "type": "WEB", "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-576.yaml" }, { "type": "WEB", "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-774.yaml" }, { "type": "WEB", "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-285.yaml" }, { "type": "WEB", "url": "https://github.com/tensorflow/tensorflow" } ], "database_specific": { "cwe_ids": [ "CWE-20" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2021-08-24T13:40:09Z", "nvd_published_at": "2021-08-12T23:15:00Z" } }