All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
PenTest Magazine's latest free issue features an article about ropci, a tool used in penetration testing (simulated security attacks to find vulnerabilities). The article provides more detailed information than the tool's blog post or GitHub repository, and the magazine also includes coverage of Nuclei, another popular security testing tool.
ROPC (Resource Owner Password Credentials, an OAuth2 method that sends usernames and passwords directly to get access tokens) can bypass multi-factor authentication (MFA, a security check requiring multiple forms of verification) in Microsoft Azure Active Directory if not properly configured, because over 50 default apps in every tenant support ROPC and may not enforce MFA. The post warns that ROPC should not be used and recommends testing your Azure setup for this vulnerability using the ropci tool.
SSH Agent Hijacking is an attack where an adversary with root permissions can steal SSH private keys (encryption keys used for secure shell access) from a forwarded SSH Agent, a service that stores authentication credentials. On shared systems like jumpboxes (intermediate servers used to access other machines), an attacker can find another user's SSH_AUTH_SOCK (an environment variable pointing to the SSH Agent's communication socket) and use it to impersonate that user and access machines they have permission to reach.
Gospray is a tool designed to test credentials by attempting to log into domain controllers (the central servers that manage network access) using LDAP bind (a method for authenticating directly against these servers). Unlike some other credential-testing approaches, it communicates quietly and directly with the domain controller without needing other servers as intermediaries, and it allows configurable levels of parallel attempts.
TensorFlow (an open source platform for machine learning) crashes when converting transposed convolutions (a type of neural network layer operation) with per-channel weight quantization (a compression technique that reduces precision individually for different channels). The crash causes a segfault (a memory access error that terminates the program), crashing the Python process.
TensorFlow, an open source platform for machine learning, has a vulnerability where a function called `Requantize` crashes when given certain types of input data (tensors of nonzero rank), allowing attackers to trigger a denial of service attack (making the system unavailable). The issue has been fixed and will be released in updated versions of the software.
TensorFlow, an open source platform for machine learning, has a bug where a specific function (`tensorflow::full_type::SubstituteFromAttrs`) crashes the program instead of properly reporting an error when it receives incorrect input (a `FullTypeDef` that doesn't have exactly three arguments). This crash could potentially be exploited to make TensorFlow applications stop working.
TensorFlow (an open source platform for machine learning) has a bug where the `RangeSize` function crashes when it receives numbers too large to fit into an `int64_t` (a 64-bit integer data type). This is caused by an integer overflow (when a number becomes too large for its data type to handle).
TensorFlow (an open source machine learning platform) crashes when a specific internal function receives null type list attributes (empty or missing type information). The developers have fixed the bug and will release the patch in upcoming versions of the software.
TensorFlow (an open source platform for machine learning) crashes when a component called mlir::tfg::GraphDefImporter::ConvertNodeDef tries to convert NodeDefs (data structures that define operations) without an operation name. This is a crash vulnerability that could cause the software to stop working unexpectedly.
TensorFlow (an open source platform for machine learning) crashes when a specific internal function called `mlir::tfg::ConvertGenericFunctionToFunctionDef` receives empty function attributes (data describing how a function should behave). This is a reachable assertion vulnerability, meaning the program encounters an unexpected condition it cannot handle.
TensorFlow, an open source machine learning platform, has a bug where a specific function crashes with a null dereference (trying to use a memory address that doesn't exist) when given empty function attributes. The issue affects multiple versions of TensorFlow and has no known workarounds.
TensorFlow, an open source platform for machine learning, has a vulnerability in its `tf.quantization.fake_quant_with_min_max_vars_gradient` function where nonscalar (multi-dimensional) input values for `min` or `max` parameters cause a CHECK fail, which is a crash that could enable a denial of service attack (disrupting service availability). The vulnerability affects multiple supported versions of TensorFlow.
TensorFlow (an open source machine learning platform) has a bug in its `tf.random.gamma` function where large input values can cause a denial of service attack (making the system crash or stop responding). The developers have fixed the issue and will release it in TensorFlow 2.10.0, along with updates to older supported versions.
TensorFlow (an open source machine learning platform) has a vulnerability in its `RandomPoissonV2` function where large input values can cause a CHECK fail (a safety check that stops execution), allowing attackers to trigger a denial of service attack (making the system unavailable). The vulnerability affects multiple versions of TensorFlow.
TensorFlow (an open source machine learning platform) has a vulnerability where the `Unbatch` operation crashes when it receives a nonscalar input `id` (a variable with multiple dimensions rather than a single value), which can be exploited to cause a denial of service attack (making a system unavailable by overwhelming it).
TensorFlow (an open-source machine learning platform) has a vulnerability in its `DrawBoundingBoxes` function where receiving input boxes that aren't float data types causes a CHECK fail, which can be exploited to disable the system through a denial of service attack (overwhelming it with requests). The vulnerability affects multiple versions of TensorFlow.
TensorFlow, an open-source machine learning platform, has a vulnerability where a specific internal function crashes when it receives empty function attributes, causing a null dereference (an error where the software tries to use a memory location that doesn't exist). This bug affects multiple versions of TensorFlow and has no known workarounds.
TensorFlow (an open source platform for machine learning) has a vulnerability where a function called `Conv2DBackpropInput` crashes when it receives empty input arrays, allowing attackers to cause a denial of service attack (making the system unavailable). The issue affects both CPU and GPU processing and has been patched in the codebase.
TensorFlow, an open source platform for machine learning, has a vulnerability in its `EmptyTensorList` function that crashes when given certain inputs, allowing attackers to trigger a denial of service attack (making a service unavailable by overwhelming it). The bug occurs when the function receives an `element_shape` input with more than one dimension.
Fix: The source mentions testing as a mitigation: 'Always enforce MFA' and 'test your own AAD tenant for ROPC based MFA bypass opportunities.' Additionally, the post states 'ROPC MUST NOT be used' as a general security principle. However, no specific configuration steps, patches, or enforcement mechanisms are explicitly described in the provided text.
Embrace The RedFix: The issue has been patched in GitHub commit aa0b852a4588cea4d36b74feb05d93055540b450. The fix will be included in TensorFlow 2.10.0, and will also be backported to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The fix is included in TensorFlow 2.10.0. The patch will also be applied to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Users should upgrade to one of these patched versions. There are no known workarounds for this issue.
NVD/CVE DatabaseFix: The issue is patched in GitHub commit 6104f0d4091c260ce9352f9155f7e9b725eab012. The fix will be included in TensorFlow 2.10.0 and will also be applied to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: Update to TensorFlow 2.10.0, or apply the patch from GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. Users of TensorFlow 2.9.1, 2.8.1, or 2.7.2 should also update to patched versions of those releases. The source states: 'There are no known workarounds for this issue.'
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.10.0. Patches will also be applied to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Users should update to one of these patched versions when available.
NVD/CVE DatabaseFix: The fix is included in TensorFlow 2.10.0 and will be cherrypicked (a process of applying specific fixes to older versions) into TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Users should update to one of these patched versions. The source notes there are no known workarounds for this issue.
NVD/CVE DatabaseFix: Update to TensorFlow 2.10.0, or apply the patch from GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b. Users of earlier versions should also update to TensorFlow 2.9.1, 2.8.1, or 2.7.2, which will also include this fix.
NVD/CVE DatabaseFix: The issue was patched in GitHub commit 1cf45b831eeb0cab8655c9c7c5d06ec6f45fc41b. The fix will be included in TensorFlow 2.10.0 and will be backported to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The issue has been patched in GitHub commit f3cf67ac5705f4f04721d15e485e192bb319feed. The fix will be included in TensorFlow 2.10.0, and will also be backported to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. There are no known workarounds.
NVD/CVE DatabaseFix: Update to TensorFlow 2.10.0, or if you need an earlier version, update to TensorFlow 2.9.1, TensorFlow 2.8.1, or TensorFlow 2.7.2, as these versions include the patch from GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The source notes there are no known workarounds for this issue.
NVD/CVE DatabaseFix: The issue has been patched in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix is included in TensorFlow 2.10.0 and will be backported (applied to older versions) in TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. There are no known workarounds for this issue.
NVD/CVE DatabaseFix: The issue has been patched in GitHub commit 4419d10d576adefa36b0e0a9425d2569f7c0189f. Users should upgrade to TensorFlow 2.10.0 or apply the patch to supported versions 2.9.1, 2.8.1, and 2.7.2. No workarounds are available.
NVD/CVE DatabaseFix: The issue has been patched in GitHub commit da0d65cdc1270038e72157ba35bf74b85d9bda11. Users should update to TensorFlow 2.10.0, or for earlier versions, update to TensorFlow 2.9.1, 2.8.1, or 2.7.2, as these patched versions are available for affected and still-supported releases. No workarounds exist.
NVD/CVE DatabaseFix: The issue is patched in GitHub commit aed36912609fc07229b4d0a7b44f3f48efc00fd0. The fix will be included in TensorFlow 2.10.0, and has been backported (adapted for older versions) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The fix is included in TensorFlow 2.10.0 and will be backported to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Users should update to one of these patched versions. There are no known workarounds for this issue.
NVD/CVE DatabaseFix: The issue is patched in GitHub commit c8ba76d48567aed347508e0552a257641931024d. Users should update to TensorFlow 2.10.0, or for those on earlier versions, update to TensorFlow 2.9.1, 2.8.1, or 2.7.2 (which will include a cherrypicked fix). No workarounds exist for this vulnerability.
NVD/CVE Database