This releases introduces several vulnerability fixes:
- Fixes a
CHECK
failure in tf.reshape caused by overflows (CVE-2022-35934) - Fixes a
CHECK
failure inSobolSample
caused by missing validation (CVE-2022-35935) - Fixes an OOB read in
Gather_nd
op in TF Lite (CVE-2022-35937) - Fixes a
CHECK
failure inTensorListReserve
caused by missing validation (CVE-2022-35960) - Fixes an OOB write in
Scatter_nd
op in TF Lite (CVE-2022-35939) - Fixes an integer overflow in
RaggedRangeOp
(CVE-2022-35940) - Fixes a
CHECK
failure inAvgPoolOp
(CVE-2022-35941) - Fixes a
CHECK
failures inUnbatchGradOp
(CVE-2022-35952) - Fixes a segfault TFLite converter on per-channel quantized transposed convolutions (CVE-2022-36027)
- Fixes a
CHECK
failures inAvgPool3DGrad
(CVE-2022-35959) - Fixes a
CHECK
failures inFractionalAvgPoolGrad
(CVE-2022-35963) - Fixes a segfault in
BlockLSTMGradV2
(CVE-2022-35964) - Fixes a segfault in
LowerBound
andUpperBound
(CVE-2022-35965) - Fixes a segfault in
QuantizedAvgPool
(CVE-2022-35966) - Fixes a segfault in
QuantizedAdd
(CVE-2022-35967) - Fixes a
CHECK
fail inAvgPoolGrad
(CVE-2022-35968) - Fixes a
CHECK
fail inConv2DBackpropInput
(CVE-2022-35969) - Fixes a segfault in
QuantizedInstanceNorm
(CVE-2022-35970) - Fixes a
CHECK
fail inFakeQuantWithMinMaxVars
(CVE-2022-35971) - Fixes a segfault in
Requantize
(CVE-2022-36017) - Fixes a segfault in
QuantizedBiasAdd
(CVE-2022-35972) - Fixes a
CHECK
fail inFakeQuantWithMinMaxVarsPerChannel
(CVE-2022-36019) - Fixes a segfault in
QuantizedMatMul
(CVE-2022-35973) - Fixes a segfault in
QuantizeDownAndShrinkRange
(CVE-2022-35974) - Fixes segfaults in
QuantizedRelu
andQuantizedRelu6
(CVE-2022-35979) - Fixes a
CHECK
fail inFractionalMaxPoolGrad
(CVE-2022-35981) - Fixes a
CHECK
fail inRaggedTensorToVariant
(CVE-2022-36018) - Fixes a
CHECK
fail inQuantizeAndDequantizeV3
(CVE-2022-36026) - Fixes a segfault in
SparseBincount
(CVE-2022-35982) - Fixes a
CHECK
fail inSave
andSaveSlices
(CVE-2022-35983) - Fixes a
CHECK
fail inParameterizedTruncatedNormal
(CVE-2022-35984) - Fixes a
CHECK
fail inLRNGrad
(CVE-2022-35985) - Fixes a segfault in
RaggedBincount
(CVE-2022-35986) - Fixes a
CHECK
fail inDenseBincount
(CVE-2022-35987) - Fixes a
CHECK
fail intf.linalg.matrix_rank
(CVE-2022-35988) - Fixes a
CHECK
fail inMaxPool
(CVE-2022-35989) - Fixes a
CHECK
fail inConv2DBackpropInput
(CVE-2022-35999) - Fixes a
CHECK
fail inEmptyTensorList
(CVE-2022-35998) - Fixes a
CHECK
fail intf.sparse.cross
(CVE-2022-35997) - Fixes a floating point exception in
Conv2D
(CVE-2022-35996) - Fixes a
CHECK
fail inAudioSummaryV2
(CVE-2022-35995) - Fixes a
CHECK
fail inCollectiveGather
(CVE-2022-35994) - Fixes a
CHECK
fail inSetSize
(CVE-2022-35993) - Fixes a
CHECK
fail inTensorListFromTensor
(CVE-2022-35992) - Fixes a
CHECK
fail inTensorListScatter
andTensorListScatterV2
(CVE-2022-35991) - Fixes a
CHECK
fail inFakeQuantWithMinMaxVarsPerChannelGradient
(CVE-2022-35990) - Fixes a
CHECK
fail inFakeQuantWithMinMaxVarsGradient
(CVE-2022-36005) - Fixes a
CHECK
fail intf.random.gamma
(CVE-2022-36004) - Fixes a
CHECK
fail inRandomPoissonV2
(CVE-2022-36003) - Fixes a
CHECK
fail inUnbatch
(CVE-2022-36002) - Fixes a
CHECK
fail inDrawBoundingBoxes
(CVE-2022-36001) - Fixes a
CHECK
fail inEig
(CVE-2022-36000) - Fixes a null dereference on MLIR on empty function attributes (CVE-2022-36011)
- Fixes an assertion failure on MLIR empty edge names (CVE-2022-36012)
- Fixes a null-dereference in
mlir::tfg::GraphDefImporter::ConvertNodeDef
(CVE-2022-36013) - Fixes a null-dereference in
mlir::tfg::TFOp::nameAttr
(CVE-2022-36014) - Fixes an integer overflow in math ops (CVE-2022-36015)
- Fixes a
CHECK
-fail intensorflow::full_type::SubstituteFromAttrs
(CVE-2022-36016) - Fixes an OOB read in
Gather_nd
op in TF Lite Micro (CVE-2022-35938)