Bug 1203507 (CVE-2022-35934)

Summary: VUL-0: tensorflow-lite: multiple security fixes in tensorflow 2.10.0
Product: [openSUSE] openSUSE Distribution
Reporter: Gabriele Sonnu <gabriele.sonnu>
Component: Security
Assignee: Guillaume GARDET <guillaume.gardet>
Status: NEW
Resolution: ---
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P3 - Medium
CC: cgoll
Version: Leap 15.4
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/342676/
Whiteboard:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Gabriele Sonnu 2022-09-19 07:28:39 UTC
Multiple security fixes in tensorflow 2.10.0 [0]:

 - Fixes a CHECK failure in tf.reshape caused by overflows (CVE-2022-35934)
 - Fixes a CHECK failure in SobolSample caused by missing validation (CVE-2022-35935)
 - Fixes an OOB read in Gather_nd op in TF Lite (CVE-2022-35937)
 - Fixes a CHECK failure in TensorListReserve caused by missing validation (CVE-2022-35960)
 - Fixes an OOB write in Scatter_nd op in TF Lite (CVE-2022-35939)
 - Fixes an integer overflow in RaggedRangeOp (CVE-2022-35940)
 - Fixes a CHECK failure in AvgPoolOp (CVE-2022-35941)
 - Fixes a CHECK failure in UnbatchGradOp (CVE-2022-35952)
 - Fixes a segfault in the TFLite converter on per-channel quantized transposed convolutions (CVE-2022-36027)
 - Fixes a CHECK failure in AvgPool3DGrad (CVE-2022-35959)
 - Fixes a CHECK failure in FractionalAvgPoolGrad (CVE-2022-35963)
 - Fixes a segfault in BlockLSTMGradV2 (CVE-2022-35964)
 - Fixes a segfault in LowerBound and UpperBound (CVE-2022-35965)
 - Fixes a segfault in QuantizedAvgPool (CVE-2022-35966)
 - Fixes a segfault in QuantizedAdd (CVE-2022-35967)
 - Fixes a CHECK fail in AvgPoolGrad (CVE-2022-35968)
 - Fixes a CHECK fail in Conv2DBackpropInput (CVE-2022-35969)
 - Fixes a segfault in QuantizedInstanceNorm (CVE-2022-35970)
 - Fixes a CHECK fail in FakeQuantWithMinMaxVars (CVE-2022-35971)
 - Fixes a segfault in Requantize (CVE-2022-36017)
 - Fixes a segfault in QuantizedBiasAdd (CVE-2022-35972)
 - Fixes a CHECK fail in FakeQuantWithMinMaxVarsPerChannel (CVE-2022-36019)
 - Fixes a segfault in QuantizedMatMul (CVE-2022-35973)
 - Fixes a segfault in QuantizeDownAndShrinkRange (CVE-2022-35974)
 - Fixes segfaults in QuantizedRelu and QuantizedRelu6 (CVE-2022-35979)
 - Fixes a CHECK fail in FractionalMaxPoolGrad (CVE-2022-35981)
 - Fixes a CHECK fail in RaggedTensorToVariant (CVE-2022-36018)
 - Fixes a CHECK fail in QuantizeAndDequantizeV3 (CVE-2022-36026)
 - Fixes a segfault in SparseBincount (CVE-2022-35982)
 - Fixes a CHECK fail in Save and SaveSlices (CVE-2022-35983)
 - Fixes a CHECK fail in ParameterizedTruncatedNormal (CVE-2022-35984)
 - Fixes a CHECK fail in LRNGrad (CVE-2022-35985)
 - Fixes a segfault in RaggedBincount (CVE-2022-35986)
 - Fixes a CHECK fail in DenseBincount (CVE-2022-35987)
 - Fixes a CHECK fail in tf.linalg.matrix_rank (CVE-2022-35988)
 - Fixes a CHECK fail in MaxPool (CVE-2022-35989)
 - Fixes a CHECK fail in Conv2DBackpropInput (CVE-2022-35999)
 - Fixes a CHECK fail in EmptyTensorList (CVE-2022-35998)
 - Fixes a CHECK fail in tf.sparse.cross (CVE-2022-35997)
 - Fixes a floating point exception in Conv2D (CVE-2022-35996)
 - Fixes a CHECK fail in AudioSummaryV2 (CVE-2022-35995)
 - Fixes a CHECK fail in CollectiveGather (CVE-2022-35994)
 - Fixes a CHECK fail in SetSize (CVE-2022-35993)
 - Fixes a CHECK fail in TensorListFromTensor (CVE-2022-35992)
 - Fixes a CHECK fail in TensorListScatter and TensorListScatterV2 (CVE-2022-35991)
 - Fixes a CHECK fail in FakeQuantWithMinMaxVarsPerChannelGradient (CVE-2022-35990)
 - Fixes a CHECK fail in FakeQuantWithMinMaxVarsGradient (CVE-2022-36005)
 - Fixes a CHECK fail in tf.random.gamma (CVE-2022-36004)
 - Fixes a CHECK fail in RandomPoissonV2 (CVE-2022-36003)
 - Fixes a CHECK fail in Unbatch (CVE-2022-36002)
 - Fixes a CHECK fail in DrawBoundingBoxes (CVE-2022-36001)
 - Fixes a CHECK fail in Eig (CVE-2022-36000)
 - Fixes a null dereference on MLIR on empty function attributes (CVE-2022-36011)
 - Fixes an assertion failure on MLIR empty edge names (CVE-2022-36012)
 - Fixes a null-dereference in mlir::tfg::GraphDefImporter::ConvertNodeDef (CVE-2022-36013)
 - Fixes a null-dereference in mlir::tfg::TFOp::nameAttr (CVE-2022-36014)
 - Fixes an integer overflow in math ops (CVE-2022-36015)
 - Fixes a CHECK-fail in tensorflow::full_type::SubstituteFromAttrs (CVE-2022-36016)
 - Fixes an OOB read in Gather_nd op in TF Lite Micro (CVE-2022-35938)

[0] https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0
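The report gives three facts a packager or operator needs for triage: the release that carries the fixes (2.10.0), the list of CVE identifiers, and (from comment 1) that this release needs Python >= 3.7. The following helper is an added example, not part of this bug report or of the tensorflow project; it extracts the CVE IDs from the quoted list, compares an installed version against the fixed one (treating 2.10.0rc builds as still affected), and reports whether the local interpreter could run the fixed release at all. The `ADVISORY_EXCERPT` is a copied subset of the list above, the installed-version strings and the Python 3.6 interpreter in the usage section are constructed inputs, and the function names are this example's own.

```python
"""Triage helper for the tensorflow 2.10.0 security-fix list in this bug.

Added example, not part of the bug report or of tensorflow itself. It only
encodes facts stated in the report: the fixed version (2.10.0), the CVE IDs
in the description, and the note that current tensorflow needs Python >= 3.7.
"""
import re
import sys

FIXED_VERSION = "2.10.0"   # release that carries the fixes, per the description
MIN_PYTHON = (3, 7)        # requirement noted in comment 1

# Copied subset of the release-note list quoted in the description
# (constructed excerpt; the full list has the same one-CVE-per-line shape).
ADVISORY_EXCERPT = """\
 - Fixes a CHECK failure in tf.reshape caused by overflows (CVE-2022-35934)
 - Fixes an OOB read in Gather_nd op in TF Lite (CVE-2022-35937)
 - Fixes an OOB write in Scatter_nd op in TF Lite (CVE-2022-35939)
 - Fixes a CHECK fail in Conv2DBackpropInput (CVE-2022-35969)
 - Fixes a CHECK fail in Conv2DBackpropInput (CVE-2022-35999)
 - Fixes an OOB read in Gather_nd op in TF Lite Micro (CVE-2022-35938)
"""

_CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,}\b")
# major, optional minor, optional patch, optional pre-release tag (rc3, a1, b2, .dev5)
_VER_RE = re.compile(r"^\s*(\d+)(?:\.(\d+))?(?:\.(\d+))?(rc\d+|[ab]\d+|\.dev\d+)?")


def cve_ids(text: str) -> list[str]:
    """Return the distinct CVE identifiers in text, in first-seen order."""
    seen: dict[str, None] = {}
    for m in _CVE_RE.finditer(text):
        seen.setdefault(m.group(0), None)
    return list(seen)


def parse_version(version: str) -> tuple[int, int, int, int]:
    """Normalise '2.9.1' / '2.10' / '2.10.0rc3' to a comparable 4-tuple.

    Missing minor/patch default to 0. The last component is 0 for a final
    release and -1 for any pre-release tag, so '2.10.0rc3' sorts below
    '2.10.0' and is still treated as lacking the fixes.
    """
    m = _VER_RE.match(version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = (int(x) if x else 0 for x in m.group(1, 2, 3))
    pre = -1 if m.group(4) else 0
    return (major, minor, patch, pre)


def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True if the installed release predates the one carrying the fixes."""
    return parse_version(installed) < parse_version(fixed)


def python_supported(version_info=tuple(sys.version_info[:2]),
                     minimum: tuple[int, int] = MIN_PYTHON) -> bool:
    """Whether this interpreter meets the Python >= 3.7 requirement."""
    return tuple(version_info[:2]) >= minimum


def triage(installed: str, advisory: str = ADVISORY_EXCERPT,
           python_version=tuple(sys.version_info[:2])) -> dict:
    """Summarise which listed CVEs still apply and whether an upgrade can run here."""
    open_cves = cve_ids(advisory) if is_affected(installed) else []
    return {
        "installed": installed,
        "fixed_in": FIXED_VERSION,
        "affected": bool(open_cves),
        "open_cves": open_cves,
        "upgrade_possible_here": python_supported(python_version),
    }


if __name__ == "__main__":
    # Constructed inputs: a pre-fix release on an assumed Python 3.6 host
    # (the report only says the fixed release needs >= 3.7), then two
    # 2.10.0 variants on a Python that meets the requirement.
    for ver, py in (("2.9.1", (3, 6)), ("2.10.0rc3", (3, 10)), ("2.10.0", (3, 10))):
        r = triage(ver, python_version=py)
        print(f"{ver} on Python {py[0]}.{py[1]}: affected={r['affected']} "
              f"open_cves={len(r['open_cves'])} "
              f"upgrade_possible={r['upgrade_possible_here']}")
```

Run it against the full list from the description (paste it in place of the excerpt) to get the complete set of identifiers for an update notice; the pre-release handling matters because a 2.10.0rc package would otherwise compare equal to the fixed release and silently pass.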
Comment 1 Benjamin Greiner 2022-09-21 04:47:10 UTC
I updated the Tumbleweed tensorflow-lite package to 2.10.0: sr#1005092

Note that tensorflow-lite is only there because of the armmnn package, which is in itself currently in danger of being removed because it fails to build: sr#1004868

This won't work for Leap 15.4 as current tensorflow requires Python >= 3.7.

I don't feel responsible for Leap 15.4, we wanted to remove tensorflow from the distribution months ago, the maintainership is a nightmare. Reassigning.
Comment 2 OBSbugzilla Bot 2022-09-21 05:25:02 UTC
This is an autogenerated message for OBS integration:
This bug (1203507) was mentioned in
https://build.opensuse.org/request/show/1005092 Factory / tensorflow-lite