CWE-824
AllowedAccess of Uninitialized Pointer
Abstraction: Base · Status: Incomplete
The product accesses or uses a pointer that has not been initialized.
451 vulnerabilities reference this CWE, most recent first.
GHSA-V4R4-QXJG-89Q5
Vulnerability from github – Published: 2024-05-08 15:30 – Updated: 2024-05-08 15:30When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{
"affected": [],
"aliases": [
"CVE-2024-33608"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-08T15:15:10Z",
"severity": "HIGH"
},
"details": "When IPsec is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"id": "GHSA-v4r4-qxjg-89q5",
"modified": "2024-05-08T15:30:43Z",
"published": "2024-05-08T15:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33608"
},
{
"type": "WEB",
"url": "https://my.f5.com/manage/s/article/K000138728"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-V768-W7M9-2VMM
Vulnerability from github – Published: 2021-08-25 14:41 – Updated: 2024-11-13 21:13Impact
An attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.SparseFillEmptyRows:
import tensorflow as tf
tf.compat.v1.disable_v2_behavior()
tf.raw_ops.SparseFillEmptyRows(
indices = tf.constant([], shape=[0, 0], dtype=tf.int64),
values = tf.constant([], shape=[0], dtype=tf.int64),
dense_shape = tf.constant([], shape=[0], dtype=tf.int64),
default_value = 0)
The shape inference implementation does not validate that the input arguments are not empty tensors.
Patches
We have patched the issue in GitHub commit 578e634b4f1c1c684d4b4294f9e5281b2133b3ed.
The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Yakun Zhang of Baidu Security
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
}
],
"aliases": [
"CVE-2021-37676"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-24T15:44:08Z",
"nvd_published_at": "2021-08-12T22:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nAn attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.SparseFillEmptyRows`:\n\n```python\nimport tensorflow as tf\n \ntf.compat.v1.disable_v2_behavior()\ntf.raw_ops.SparseFillEmptyRows(\n indices = tf.constant([], shape=[0, 0], dtype=tf.int64),\n values = tf.constant([], shape=[0], dtype=tf.int64),\n dense_shape = tf.constant([], shape=[0], dtype=tf.int64),\n default_value = 0)\n```\n \nThe shape inference [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/ops/sparse_ops.cc#L608-L634) does not validate that the input arguments are not empty tensors.\n\n### Patches \nWe have patched the issue in GitHub commit [578e634b4f1c1c684d4b4294f9e5281b2133b3ed](https://github.com/tensorflow/tensorflow/commit/578e634b4f1c1c684d4b4294f9e5281b2133b3ed).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang of Baidu Security",
"id": "GHSA-v768-w7m9-2vmm",
"modified": "2024-11-13T21:13:31Z",
"published": "2021-08-25T14:41:26Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v768-w7m9-2vmm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37676"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/578e634b4f1c1c684d4b4294f9e5281b2133b3ed"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-589.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-787.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-298.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Reference binding to nullptr in shape inference"
}
GHSA-V84H-8XQ6-RV63
Vulnerability from github – Published: 2026-05-12 12:32 – Updated: 2026-05-12 12:32A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.
{
"affected": [],
"aliases": [
"CVE-2026-44411"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-12T10:16:46Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in Solid Edge SE2026 (All versions \u003c V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.",
"id": "GHSA-v84h-8xq6-rv63",
"modified": "2026-05-12T12:32:15Z",
"published": "2026-05-12T12:32:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44411"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-921111.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-VHQG-PHQC-XG4M
Vulnerability from github – Published: 2023-11-17 12:30 – Updated: 2023-11-17 12:30Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2023-47072"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-17T11:15:08Z",
"severity": "LOW"
},
"details": "Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-vhqg-phqc-xg4m",
"modified": "2023-11-17T12:30:19Z",
"published": "2023-11-17T12:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47072"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/after_effects/apsb23-66.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VR33-6WRQ-RRVX
Vulnerability from github – Published: 2023-04-13 00:30 – Updated: 2023-04-13 00:30Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2023-26387"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-12T22:15:00Z",
"severity": "MODERATE"
},
"details": "Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-vr33-6wrq-rrvx",
"modified": "2023-04-13T00:30:49Z",
"published": "2023-04-13T00:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26387"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/substance3d_stager/apsb23-26.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-VVQ3-82M9-8CMJ
Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of XE files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20200.
{
"affected": [],
"aliases": [
"CVE-2023-35712"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-03T02:15:33Z",
"severity": "HIGH"
},
"details": "Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XE files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20200.",
"id": "GHSA-vvq3-82m9-8cmj",
"modified": "2024-05-03T03:30:52Z",
"published": "2024-05-03T03:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35712"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-875"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-VWHQ-49R4-GJ9V
Vulnerability from github – Published: 2021-11-10 18:58 – Updated: 2024-11-07 22:17Impact
The shape inference code for tf.ragged.cross has an undefined behavior due to binding a reference to nullptr. In the following scenario, this results in a crash:
import tensorflow as tf
@tf.function
def test():
y = tf.ragged.cross([tf.ragged.constant([['1']]),'2'])
return y
test()
Patches
We have patched the issue in GitHub commit fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8.
The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by members of the Aivul Team from Qihoo 360.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-41214"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": true,
"github_reviewed_at": "2021-11-08T22:24:08Z",
"nvd_published_at": "2021-11-05T21:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nThe [shape inference code for `tf.ragged.cross`](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/ops/ragged_array_ops.cc#L64) has an undefined behavior due to binding a reference to `nullptr`. In the following scenario, this results in a crash:\n\n```python\nimport tensorflow as tf\n \n@tf.function \ndef test(): \n y = tf.ragged.cross([tf.ragged.constant([[\u00271\u0027]]),\u00272\u0027])\n return y \n \ntest() \n``` \n \n### Patches\nWe have patched the issue in GitHub commit [fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8](https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8).\n \nThe fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
"id": "GHSA-vwhq-49r4-gj9v",
"modified": "2024-11-07T22:17:16Z",
"published": "2021-11-10T18:58:16Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41214"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-623.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-821.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-406.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Reference binding to `nullptr` in `tf.ragged.cross`"
}
GHSA-W466-HVWW-7WFM
Vulnerability from github – Published: 2022-05-13 01:25 – Updated: 2022-05-13 01:25Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a denial of service via a crafted extension that triggers an uninitialized pointer.
{
"affected": [],
"aliases": [
"CVE-2011-0479"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-01-14T17:00:00Z",
"severity": "HIGH"
},
"details": "Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a denial of service via a crafted extension that triggers an uninitialized pointer.",
"id": "GHSA-w466-hvww-7wfm",
"modified": "2022-05-13T01:25:08Z",
"published": "2022-05-13T01:25:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0479"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64670"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14746"
},
{
"type": "WEB",
"url": "http://code.google.com/p/chromium/issues/detail?id=67393"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/70462"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42951"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/45788"
},
{
"type": "WEB",
"url": "http://www.srware.net/forum/viewtopic.php?f=18\u0026t=2054"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-W4XF-2PQW-5MQ7
Vulnerability from github – Published: 2021-08-25 14:42 – Updated: 2024-11-13 20:58Impact
An attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.RaggedTensorToVariant:
import tensorflow as tf
tf.raw_ops.RaggedTensorToVariant(
rt_nested_splits=[],
rt_dense_values=[1,2,3],
batched_input=True)
The implementation has an incomplete validation of the splits values, missing the case when the argument would be empty.
Patches
We have patched the issue in GitHub commit be7a4de6adfbd303ce08be4332554dff70362612.
The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by members of the Aivul Team from Qihoo 360.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
}
],
"aliases": [
"CVE-2021-37666"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-24T13:57:28Z",
"nvd_published_at": "2021-08-12T22:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nAn attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToVariant`:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.RaggedTensorToVariant(\n rt_nested_splits=[],\n rt_dense_values=[1,2,3],\n batched_input=True)\n```\n \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_tensor_to_variant_op.cc#L129) has an incomplete validation of the splits values, missing the case when the argument would be empty.\n\n### Patches\nWe have patched the issue in GitHub commit [be7a4de6adfbd303ce08be4332554dff70362612](https://github.com/tensorflow/tensorflow/commit/be7a4de6adfbd303ce08be4332554dff70362612).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n \n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
"id": "GHSA-w4xf-2pqw-5mq7",
"modified": "2024-11-13T20:58:48Z",
"published": "2021-08-25T14:42:13Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w4xf-2pqw-5mq7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37666"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/be7a4de6adfbd303ce08be4332554dff70362612"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-579.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-777.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-288.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Reference binding to nullptr in `RaggedTensorToVariant`"
}
GHSA-W74J-V8XH-3W5H
Vulnerability from github – Published: 2021-08-25 14:42 – Updated: 2024-11-13 20:59Impact
An attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.UnicodeEncode:
import tensorflow as tf
from tensorflow.python.ops import gen_string_ops
gen_string_ops.unicode_encode(
input_values=[],
input_splits=[],
output_encoding='UTF-8',
errors='ignore',
replacement_char='a')
The implementation reads the first dimension of the input_splits tensor before validating that this tensor is not empty:
const Tensor& input_splits = context->input(1);
const auto input_splits_flat = input_splits.flat<SPLITS_TYPE>();
TensorShape output_shape({input_splits.dim_size(0) - 1});
Patches
We have patched the issue in GitHub commit 2e0ee46f1a47675152d3d865797a18358881d7a6.
The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by members of the Aivul Team from Qihoo 360.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
}
],
"aliases": [
"CVE-2021-37667"
],
"database_specific": {
"cwe_ids": [
"CWE-824"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-24T14:18:05Z",
"nvd_published_at": "2021-08-12T22:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nAn attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.UnicodeEncode`:\n\n```python\nimport tensorflow as tf\nfrom tensorflow.python.ops import gen_string_ops\n\ngen_string_ops.unicode_encode(\n input_values=[],\n input_splits=[],\n output_encoding=\u0027UTF-8\u0027,\n errors=\u0027ignore\u0027,\n replacement_char=\u0027a\u0027)\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/unicode_ops.cc#L533-L539) reads the first dimension of the `input_splits` tensor before validating that this tensor is not empty: \n\n```cc\n const Tensor\u0026 input_splits = context-\u003einput(1);\n const auto input_splits_flat = input_splits.flat\u003cSPLITS_TYPE\u003e();\n TensorShape output_shape({input_splits.dim_size(0) - 1});\n```\n\n### Patches\nWe have patched the issue in GitHub commit [2e0ee46f1a47675152d3d865797a18358881d7a6](https://github.com/tensorflow/tensorflow/commit/2e0ee46f1a47675152d3d865797a18358881d7a6).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
"id": "GHSA-w74j-v8xh-3w5h",
"modified": "2024-11-13T20:59:17Z",
"published": "2021-08-25T14:42:09Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w74j-v8xh-3w5h"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37667"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/2e0ee46f1a47675152d3d865797a18358881d7a6"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-580.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-778.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-289.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Reference binding to nullptr in unicode encoding"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.