17 matches found
TensorFlow has null dereference on ParallelConcat with XLA
...
TensorFlow has Floating Point Exception in AvgPoolGrad with XLA
...
TensorFlow has Floating Point Exception in TensorListSplit with XLA
...
TensorFlow has Segfault in Bincount with XLA
...
TensorFlow has Null Pointer Error in RandomShuffle with XLA enable
...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a floating point exception in TensorListSplit with XLA. PoC import tensorflow as tf func = tf.rawops.TensorListSplit para = 'tensor': 1, 'elementshape': -1, 'lengths': 0 @tf.functionjitcompile=True def...
AZL-35321 CVE-2023-25676 affecting package tensorflow for versions less than 2.11.1-1
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...
AZL-35318 CVE-2023-25673 affecting package tensorflow for versions less than 2.11.1-1
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
AZL-31213 CVE-2023-25673 affecting package tensorflow for versions less than 2.11.1-1
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-25673
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-25674
TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1...
CVE-2023-25676
TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...
GHSA-GF97-Q72M-7579 TensorFlow has Null Pointer Error in RandomShuffle with XLA enable
Impact NPE in RandomShuffle with XLA enable python import tensorflow as tf func = tf.rawops.RandomShuffle para = 'value': 1e+20, 'seed': -4294967297, 'seed2': -2147483649 @tf.functionjitcompile=True def test: y = funcpara return y test Patches We have patched the issue in GitHub commit...
PYSEC-2022-158
Tensorflow is an Open Source Machine Learning Framework. When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so flr-configproto is nullptr. The fix will be included in TensorFlow...
Google TensorFlow 代码问题漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a code issue vulnerability that stems from TensorFlow triggering null pointer dereferences if default settings are used when building the XLA compilation cache. No...
GHSA-Q492-F7GR-27RP Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow
Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file...
PYSEC-2019-229
Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file...