Bugzilla – Bug 1203507
VUL-0: tensorflow-lite: multiple security fixes in tensorflow 2.10.0
Last modified: 2022-09-21 05:25:02 UTC
Multiple security fixes in tensorflow 2.10.0 [0]:

- Fixes a CHECK failure in tf.reshape caused by overflows (CVE-2022-35934)
- Fixes a CHECK failure in SobolSample caused by missing validation (CVE-2022-35935)
- Fixes an OOB read in Gather_nd op in TF Lite (CVE-2022-35937)
- Fixes a CHECK failure in TensorListReserve caused by missing validation (CVE-2022-35960)
- Fixes an OOB write in Scatter_nd op in TF Lite (CVE-2022-35939)
- Fixes an integer overflow in RaggedRangeOp (CVE-2022-35940)
- Fixes a CHECK failure in AvgPoolOp (CVE-2022-35941)
- Fixes a CHECK failures in UnbatchGradOp (CVE-2022-35952)
- Fixes a segfault TFLite converter on per-channel quantized transposed convolutions (CVE-2022-36027)
- Fixes a CHECK failures in AvgPool3DGrad (CVE-2022-35959)
- Fixes a CHECK failures in FractionalAvgPoolGrad (CVE-2022-35963)
- Fixes a segfault in BlockLSTMGradV2 (CVE-2022-35964)
- Fixes a segfault in LowerBound and UpperBound (CVE-2022-35965)
- Fixes a segfault in QuantizedAvgPool (CVE-2022-35966)
- Fixes a segfault in QuantizedAdd (CVE-2022-35967)
- Fixes a CHECK fail in AvgPoolGrad (CVE-2022-35968)
- Fixes a CHECK fail in Conv2DBackpropInput (CVE-2022-35969)
- Fixes a segfault in QuantizedInstanceNorm (CVE-2022-35970)
- Fixes a CHECK fail in FakeQuantWithMinMaxVars (CVE-2022-35971)
- Fixes a segfault in Requantize (CVE-2022-36017)
- Fixes a segfault in QuantizedBiasAdd (CVE-2022-35972)
- Fixes a CHECK fail in FakeQuantWithMinMaxVarsPerChannel (CVE-2022-36019)
- Fixes a segfault in QuantizedMatMul (CVE-2022-35973)
- Fixes a segfault in QuantizeDownAndShrinkRange (CVE-2022-35974)
- Fixes segfaults in QuantizedRelu and QuantizedRelu6 (CVE-2022-35979)
- Fixes a CHECK fail in FractionalMaxPoolGrad (CVE-2022-35981)
- Fixes a CHECK fail in RaggedTensorToVariant (CVE-2022-36018)
- Fixes a CHECK fail in QuantizeAndDequantizeV3 (CVE-2022-36026)
- Fixes a segfault in SparseBincount (CVE-2022-35982)
- Fixes a CHECK fail in Save and SaveSlices (CVE-2022-35983)
- Fixes a CHECK fail in ParameterizedTruncatedNormal (CVE-2022-35984)
- Fixes a CHECK fail in LRNGrad (CVE-2022-35985)
- Fixes a segfault in RaggedBincount (CVE-2022-35986)
- Fixes a CHECK fail in DenseBincount (CVE-2022-35987)
- Fixes a CHECK fail in tf.linalg.matrix_rank (CVE-2022-35988)
- Fixes a CHECK fail in MaxPool (CVE-2022-35989)
- Fixes a CHECK fail in Conv2DBackpropInput (CVE-2022-35999)
- Fixes a CHECK fail in EmptyTensorList (CVE-2022-35998)
- Fixes a CHECK fail in tf.sparse.cross (CVE-2022-35997)
- Fixes a floating point exception in Conv2D (CVE-2022-35996)
- Fixes a CHECK fail in AudioSummaryV2 (CVE-2022-35995)
- Fixes a CHECK fail in CollectiveGather (CVE-2022-35994)
- Fixes a CHECK fail in SetSize (CVE-2022-35993)
- Fixes a CHECK fail in TensorListFromTensor (CVE-2022-35992)
- Fixes a CHECK fail in TensorListScatter and TensorListScatterV2 (CVE-2022-35991)
- Fixes a CHECK fail in FakeQuantWithMinMaxVarsPerChannelGradient (CVE-2022-35990)
- Fixes a CHECK fail in FakeQuantWithMinMaxVarsGradient (CVE-2022-36005)
- Fixes a CHECK fail in tf.random.gamma (CVE-2022-36004)
- Fixes a CHECK fail in RandomPoissonV2 (CVE-2022-36003)
- Fixes a CHECK fail in Unbatch (CVE-2022-36002)
- Fixes a CHECK fail in DrawBoundingBoxes (CVE-2022-36001)
- Fixes a CHECK fail in Eig (CVE-2022-36000)
- Fixes a null dereference on MLIR on empty function attributes (CVE-2022-36011)
- Fixes an assertion failure on MLIR empty edge names (CVE-2022-36012)
- Fixes a null-dereference in mlir::tfg::GraphDefImporter::ConvertNodeDef (CVE-2022-36013)
- Fixes a null-dereference in mlir::tfg::TFOp::nameAttr (CVE-2022-36014)
- Fixes an integer overflow in math ops (CVE-2022-36015)
- Fixes a CHECK-fail in tensorflow::full_type::SubstituteFromAttrs (CVE-2022-36016)
- Fixes an OOB read in Gather_nd op in TF Lite Micro (CVE-2022-35938)

[0] https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0

I updated the Tumbleweed tensorflow-lite package to 2.10.0: sr#1005092

Note that tensorflow-lite is only there because of the armnn package, which is in itself currently in danger of being removed because it fails to build: sr#1004868

This won't work for Leap 15.4 as current tensorflow requires Python >= 3.7. I don't feel responsible for Leap 15.4; we wanted to remove tensorflow from the distribution months ago, the maintainership is a nightmare.

Reassigning.

This is an autogenerated message for OBS integration:
This bug (1203507) was mentioned in
https://build.opensuse.org/request/show/1005092 Factory / tensorflow-lite