1314 matches found
hw: Fast forward store predictor
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...
hw: Fast forward store predictor
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...
hw: Fast forward store predictor
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...
GHSA-9C8H-2MV3-49WW Division by 0 in most convolution operators
Impact Most implementations of convolution operators in TensorFlow are affected by a division by 0 vulnerability where an attacker can trigger a denial of service via a crash: python import tensorflow as tf tf.compat.v1.disablev2behavior tf.rawops.Conv2D input = tf.constant, shape=0, 0, 0, 0,...
GHSA-V768-W7M9-2VMM Reference binding to nullptr in shape inference
Impact An attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.SparseFillEmptyRows: python import tensorflow as tf tf.compat.v1.disablev2behavior tf.rawops.SparseFillEmptyRows indices = tf.constant, shape=0, 0, dtype=tf.int64, values = tf.constant, shape=0,...
Reference binding to nullptr in shape inference
Impact An attacker can cause undefined behavior via binding a reference to null pointer in tf.rawops.SparseFillEmptyRows: python import tensorflow as tf tf.compat.v1.disablev2behavior tf.rawops.SparseFillEmptyRows indices = tf.constant, shape=0, 0, dtype=tf.int64, values = tf.constant, shape=0,...
GHSA-QFPC-5PJR-MH26 Missing validation in shape inference for `Dequantize`
Impact The shape inference code for tf.rawops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments: python import tensorflow as tf tf.compat.v1.disablev2behavior tf.rawops.Dequantize inputtensor = tf.constant-10.0,...
GHSA-3HXH-8CP2-G4HG Use after free and segfault in shape inference functions
Impact When running shape functions, some functions such as MutableHashTableShape produce extra output information in the form of a ShapeAndType struct. The shapes embedded in this struct are owned by an inference context that is cleaned up almost immediately; if the upstream code attempts to...
hw: L1D Cache Eviction Sampling
A microarchitectural timing flaw was found on some Intel processors. A corner case exists where data in-flight during the eviction process can end up in the “fill buffers” and not properly cleared by the MDS mitigations. The fill buffer contents which were expected to be blank can be inferred usi...
Apple tvOS 安全漏洞
Apple tvOS is a set of smart TV operating systems from the American company Apple. A security vulnerability exists in several Apple products, where an attacker with physical access to an iOS device may be able to determine the characteristics of a user's password in a secure text input field. The...
hw: Fast forward store predictor
A flaw was found in the CPU microarchitecture where a local attacker is able to abuse a timing issue which may allow them to infer internal architectural state from previous executions on the CPU...
Google TensorFlow shape inference function denial of service vulnerability
Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in the Google TensorFlow shape inference function. A local attacker can exploit this vulnerability to cause a denial of service condition...
CVE-2021-37677
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for tf.rawops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation use...
PYSEC-2021-590
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for tf.rawops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation use...
PYSEC-2021-299
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for tf.rawops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation use...
PYSEC-2021-788
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for tf.rawops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation use...
PYSEC-2021-788
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for tf.rawops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation use...
PYSEC-2021-299
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for tf.rawops.Dequantize has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation use...
CVE-2021-37690 Use after free and segfault in shape inference functions in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions when running shape functions, some functions such as MutableHashTableShape produce extra output information in the form of a ShapeAndType struct. The shapes embedded in this struct are owned by an inferenc...
CVE-2021-37690
TensorFlow is an end-to-end open source platform for machine learning. In affected versions when running shape functions, some functions such as MutableHashTableShape produce extra output information in the form of a ShapeAndType struct. The shapes embedded in this struct are owned by an inferenc...