28 matches found
UEFI Reference Firmware Advisory
Summary: A potential security vulnerability in UEFI for some Intel Reference Platforms may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-35991 Description: Improper initialization in the UEFI...
CVE-2022-35991
TensorFlow is an open source platform for machine learning. When TensorListScatter and TensorListScatterV2 receive an elementshape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2023-35991
Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions,...
Linux Distros Unpatched Vulnerability : CVE-2024-35991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drainworkqueue cannot be...
kernel: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue The Linux kernel CVE team has assigned CVE-2024-35991 to this issue. Upstream advisory:...
Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6952-2)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6952-2 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...
CVE-2024-35991
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drainworkqueue cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queuework while drainworkqueue...
CVE-2024-35991
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drainworkqueue cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queuework while drainworkqueue...
CVE-2024-35991
CVE-2024-35991: In the Linux kernel, idxd dmaengine code changed from a spinlock-protected event log workqueue to a mutex-protected approach to safely call drain_workqueue(). The root cause was calling drain_workqueue() while holding a spinlock, risking a Call Trace due to possible task reschedul...
CVE-2024-35991 dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drainworkqueue cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queuework while drainworkqueue...
CVE-2024-35991 dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Convert spinlock to mutex to lock evl workqueue drainworkqueue cannot be called safely in a spinlocked context due to possible task rescheduling. In the multi-task scenario, calling queuework while drainworkqueue...
CVE-2023-35991
creationtimestamp| type| source ---|---|--- 2023-08-18 14:38:19+00:00| seen| https://t.me/cibsecurity/68821 2026-05-11 22:15:00+00:00| seen| https://jvn.jp/en/vu/JVNVU91630351...
CVE-2023-35991
Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions,...
CVE-2023-35991
CVE-2023-35991 affects LOGITEC LAN-W300N/DR, LAN-WH300N/DR, LAN-W300N/P, LAN-WH450N/GP, LAN-WH300AN/DGP, LAN-WH300N/DGP, and LAN-WH300ANDGPE. It is a hidden functionality vulnerability allowing an unauthenticated attacker to log in to a management console and execute arbitrary OS commands. The is...
FreeBSD : py-tensorflow -- denial of service vulnerability (ae132c6c-d716-11ed-956f-7054d21a9e2a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ae132c6c-d716-11ed-956f-7054d21a9e2a advisory. - TensorFlow is an open source platform for machine learning. The implementation of...
`CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in eager mode
Impact Another instance of CVE-2022-35991, where TensorListScatter and TensorListScatterV2 crash via non scalar inputs inelementshape, was found in eager mode and fixed. python import tensorflow as tf arg0=tf.random.uniformshape=2, 2, 2, dtype=tf.float16, maxval=None arg1=tf.random.uniformshape=2...
py-tensorflow -- denial of service vulnerability
Kang Hong Jin, Neophytos Christou, 刘力源 and Pattarakrit Rattankul report: Another instance of CVE-2022-35935, where SobolSample is vulnerable to a denial of service via assumed scalar inputs, was found and fixed. Pattarakrit Rattankul reports: Another instance of CVE-2022-35991, where...
CVE-2022-35991
creationtimestamp| type| source ---|---|--- 2022-09-17 02:35:26+00:00| published-proof-of-concept| https://t.me/cibsecurity/50007 2025-04-23 17:04:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13085...
CVE-2022-35991
TensorFlow CVE-2022-35991 affects TensorListScatter and TensorListScatterV2 when element_shape has rank greater than one, triggering a CHECK failure that can lead to a denial of service. The issue is documented in OSV entries (BIT-TENSORFLOW-2022-35991) and related advisories, which confirm a pat...
causalegm (>=0.2.1 <=0.2.5), chrombpnet (>=0.1.0 <=0.1.2) +3 more potentially affected by CVE-2022-35991 via tensorflow-gpu (=2.8.0)
tensorflow-gpu PYPI version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - causalegm =0.2.1, =0.1.0, =0.0.6, =2.3.5, =2.4.1 - tlaunch =0.0.2 Source cves: CVE-2022-35991 Source advisory: OSV:GHSA-VM7X-4QHJ-R...