Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-41911: Resolve a sanitizer issue with invalid char -> bool conversion. · tensorflow/tensorflow@1be7437

TensorFlow is an open source platform for machine learning. When printing a tensor, we get it’s data as a const char* array (since that’s the underlying storage) and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit 1be74370327. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

CVE
Open in Source
#mac#git

Permalink

Browse files

Resolve a sanitizer issue with invalid char -> bool conversion.

When printing a tensor, we get it’s data as a `const char*` array (since that’s the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash.

To fix, we’re creating a mutable `char` array to convert the chars to 0/1, according to bool rules.

Discovered via internal fuzzing.

PiperOrigin-RevId: 482297563

  • Loading branch information

Related news

GHSA-pf36-r9c6-h97j: Invalid char to bool conversion when printing a tensor

### Impact When [printing a tensor](https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227), we get it's data as a `const char*` array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. ### Patches We have patched the issue in GitHub commit [1be743703279782a357adbf9b77dcb994fe8b508](https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508). The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. ### For more information Please consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how...

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE