cnvd - cnvd-2021-92554

cnvd-2021-92554

Vulnerability from cnvd

Title: Google TensorFlow存在未明漏洞（CNVD-2021-92554）

Description:

Google TensorFlow是美国谷歌（Google）公司的一套用于机器学习的端到端开源平台。

Google TensorFlow 存在安全漏洞，该漏洞源于 Grappler 优化器使用了未初始化的变量。如果 train_nodes 向量（从保存的优化模型中获得）不包含 Dequeue 节点，那么 dequeue_node 将被单元化。目前没有详细的漏洞细节提供。

Severity: 低

Patch Name: Google TensorFlow存在未明漏洞（CNVD-2021-92554）的补丁

Patch Description:

Google TensorFlow是美国谷歌（Google）公司的一套用于机器学习的端到端开源平台。

Google TensorFlow 存在安全漏洞，该漏洞源于 Grappler 优化器使用了未初始化的变量。如果 train_nodes 向量（从保存的优化模型中获得）不包含 Dequeue 节点，那么 dequeue_node 将被单元化。目前没有详细的漏洞细节提供。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw

Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-41225

Impacted products

Name
['Google TensorFlow >=2.5.0，<2.5.2', 'Google TensorFlow >=2.6.0，<2.6.1', 'Google TensorFlow >=2.4.0，<2.4.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-41225"
    }
  },
  "description": "Google TensorFlow\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u673a\u5668\u5b66\u4e60\u7684\u7aef\u5230\u7aef\u5f00\u6e90\u5e73\u53f0\u3002\n\nGoogle TensorFlow \u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e Grappler \u4f18\u5316\u5668\u4f7f\u7528\u4e86\u672a\u521d\u59cb\u5316\u7684\u53d8\u91cf\u3002 \u5982\u679c train_nodes \u5411\u91cf\uff08\u4ece\u4fdd\u5b58\u7684\u4f18\u5316\u6a21\u578b\u4e2d\u83b7\u5f97\uff09\u4e0d\u5305\u542b Dequeue \u8282\u70b9\uff0c\u90a3\u4e48 dequeue_node \u5c06\u88ab\u5355\u5143\u5316\u3002 \u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-92554",
  "openTime": "2021-11-30",
  "patchDescription": "Google TensorFlow\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u673a\u5668\u5b66\u4e60\u7684\u7aef\u5230\u7aef\u5f00\u6e90\u5e73\u53f0\u3002\r\n\r\nGoogle TensorFlow \u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e Grappler \u4f18\u5316\u5668\u4f7f\u7528\u4e86\u672a\u521d\u59cb\u5316\u7684\u53d8\u91cf\u3002 \u5982\u679c train_nodes \u5411\u91cf\uff08\u4ece\u4fdd\u5b58\u7684\u4f18\u5316\u6a21\u578b\u4e2d\u83b7\u5f97\uff09\u4e0d\u5305\u542b Dequeue \u8282\u70b9\uff0c\u90a3\u4e48 dequeue_node \u5c06\u88ab\u5355\u5143\u5316\u3002 \u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google TensorFlow\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2021-92554\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Google TensorFlow \u003e=2.5.0\uff0c\u003c2.5.2",
      "Google TensorFlow \u003e=2.6.0\uff0c\u003c2.6.1",
      "Google TensorFlow \u003e=2.4.0\uff0c\u003c2.4.4"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-41225",
  "serverity": "\u4f4e",
  "submitTime": "2021-11-09",
  "title": "Google TensorFlow\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2021-92554\uff09"
}

CVE-2021-41225 (GCVE-0-2021-41225)

Vulnerability from cvelistv5

Published

2021-11-05 22:30

Modified

2024-08-04 03:08

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-908 - Use of Uninitialized Resource

Summary

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's Grappler optimizer has a use of unitialized variable. If the `train_nodes` vector (obtained from the saved model that gets optimized) does not contain a `Dequeue` node, then `dequeue_node` is left unitialized. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.

References

▼	URL	Tags
	https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw	x_refsource_CONFIRM
	https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	tensorflow	tensorflow	Version: >= 2.6.0, < 2.6.1 Version: >= 2.5.0, < 2.5.2 Version: < 2.4.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T03:08:31.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tensorflow",
          "vendor": "tensorflow",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.6.0, \u003c 2.6.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.5.0, \u003c 2.5.2"
            },
            {
              "status": "affected",
              "version": "\u003c 2.4.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "TensorFlow is an open source platform for machine learning. In affected versions TensorFlow\u0027s Grappler optimizer has a use of unitialized variable. If the `train_nodes` vector (obtained from the saved model that gets optimized) does not contain a `Dequeue` node, then `dequeue_node` is left unitialized. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-908",
              "description": "CWE-908: Use of Uninitialized Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-05T22:30:17",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3"
        }
      ],
      "source": {
        "advisory": "GHSA-7r94-xv9v-63jw",
        "discovery": "UNKNOWN"
      },
      "title": "A use of uninitialized value vulnerability in Tensorflow",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-41225",
          "STATE": "PUBLIC",
          "TITLE": "A use of uninitialized value vulnerability in Tensorflow"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "tensorflow",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 2.6.0, \u003c 2.6.1"
                          },
                          {
                            "version_value": "\u003e= 2.5.0, \u003c 2.5.2"
                          },
                          {
                            "version_value": "\u003c 2.4.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "tensorflow"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "TensorFlow is an open source platform for machine learning. In affected versions TensorFlow\u0027s Grappler optimizer has a use of unitialized variable. If the `train_nodes` vector (obtained from the saved model that gets optimized) does not contain a `Dequeue` node, then `dequeue_node` is left unitialized. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-908: Use of Uninitialized Resource"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw",
              "refsource": "CONFIRM",
              "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-7r94-xv9v-63jw",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-41225",
    "datePublished": "2021-11-05T22:30:17",
    "dateReserved": "2021-09-15T00:00:00",
    "dateUpdated": "2024-08-04T03:08:31.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted