#dos

### Impact If `QuantizedAdd` is given `min_input` or `max_input` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. ```python import tensorflow as tf Toutput = tf.qint32 x = tf.constant(140, shape=[1], dtype=tf.quint8) y = tf.constant(26, shape=[10], dtype=tf.quint8) min_x = tf.constant([], shape=[0], dtype=tf.float32) max_x = tf.constant(0, shape=[], dtype=tf.float32) min_y = tf.constant(0, shape=[], dtype=tf.float32) max_y = tf.constant(0, shape=[], dtype=tf.float32) tf.raw_ops.QuantizedAdd(x=x, y=y, min_x=min_x, max_x=max_x, min_y=min_y, max_y=max_y, Toutput=Toutput) ``` ### Patches We have patched the issue in GitHub commit [49b3824d83af706df0ad07e4e677d88659756d89](https://github.com/tensorflow/tensorflow/commit/49b3824d83af706df0ad07e4e677d88659756d89). The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected...

### Impact If `QuantizedAvgPool` is given `min_input` or `max_input` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. ```python import tensorflow as tf ksize = [1, 2, 2, 1] strides = [1, 2, 2, 1] padding = "SAME" input = tf.constant(1, shape=[1,4,4,2], dtype=tf.quint8) min_input = tf.constant([], shape=[0], dtype=tf.float32) max_input = tf.constant(0, shape=[1], dtype=tf.float32) tf.raw_ops.QuantizedAvgPool(input=input, min_input=min_input, max_input=max_input, ksize=ksize, strides=strides, padding=padding) ``` ### Patches We have patched the issue in GitHub commit [7cdf9d4d2083b739ec81cfdace546b0c99f50622](https://github.com/tensorflow/tensorflow/commit/7cdf9d4d2083b739ec81cfdace546b0c99f50622). The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. ### For more information Plea...

### Impact When `tf.quantization.fake_quant_with_min_max_vars_per_channel_gradient` receives input `min` or `max` of rank other than 1, it gives a `CHECK` fail that can trigger a denial of service attack. ```python import tensorflow as tf arg_0=tf.random.uniform(shape=(1,1), dtype=tf.float32, maxval=None) arg_1=tf.random.uniform(shape=(1,1), dtype=tf.float32, maxval=None) arg_2=tf.random.uniform(shape=(1,1), dtype=tf.float32, maxval=None) arg_3=tf.random.uniform(shape=(1,1), dtype=tf.float32, maxval=None) arg_4=8 arg_5=False arg_6=None tf.quantization.fake_quant_with_min_max_vars_per_channel_gradient(gradients=arg_0, inputs=arg_1, min=arg_2, max=arg_3, num_bits=arg_4, narrow_range=arg_5, name=arg_6) ``` ### Patches We have patched the issue in GitHub commit [f3cf67ac5705f4f04721d15e485e192bb319feed](https://github.com/tensorflow/tensorflow/commit/f3cf67ac5705f4f04721d15e485e192bb319feed). The fix will be included in TensorFlow 2.10.0. We will also cherrypic...

### Impact When `TensorListScatter` and `TensorListScatterV2` receive an `element_shape` of a rank greater than one, they give a `CHECK` fail that can trigger a denial of service attack. ```python import tensorflow as tf arg_0=tf.random.uniform(shape=(2, 2, 2), dtype=tf.float16, maxval=None) arg_1=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536) arg_2=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536) arg_3='' tf.raw_ops.TensorListScatter(tensor=arg_0, indices=arg_1, element_shape=arg_2, name=arg_3) ``` ### Patches We have patched the issue in GitHub commit [bb03fdf4aae944ab2e4b35c7daa051068a8b7f61](https://github.com/tensorflow/tensorflow/commit/bb03fdf4aae944ab2e4b35c7daa051068a8b7f61). The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. ### For more information Please consult [our security guide](https...

JasPer 3.0.6 allows denial of service via a reachable assertion in the function inttobits in libjasper/base/jas_image.c.

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen.

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen.

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize.

A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation.

TensorFlow is an open source platform for machine learning. `DenseBincount` assumes its input tensor `weights` to either have the same shape as its input tensor `input` or to be length-0. A different `weights` shape will trigger a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bf4c14353c2328636a18bfad1e151052c81d5f43. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.