CVE-2021-33649

The CVE-2021-33649 issue affects Huawei MindSpore Community’s Transpose operator. When performing the inference shape operation, if the perm element value is greater than or equal to the input_shape size, the implementation may access data outside the heap-allocated input_shape buffers, potential...

CVE-2021-33649

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the inputshape, it will access data outside of bounds of inputshape which allocated from heap buffers...

CVE-2021-33647

Huawei MindSpore Community Tile’s Tile operator may disclose sensitive data when performing the inference shape operation if the input data type is not int or int32, due to out-of-bounds access of heap buffers. Affected: MindSpore Community Tile (Tile operator). Root cause: type check bypass lead...

CVE-2021-33647

When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers...

CVE-2021-33648

When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape which allocated from heap buffers...

CVE-2021-33648

CVE-2021-33648 affects Huawei MindSpore Community’s shape-inference logic for operators including Affine , Concat , MatMul , ArgMinMax , EmbeddingLookup , and Gather . When the input shape size is 0, the code may access data outside of the heap-allocated shape, causing an information-disclosure-t...

CVE-2021-46744

An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time...

Design/Logic Flaw

An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time...

CVE-2021-46744

Technical details about CVE-2021-46744 are not publicly provided in the supplied Connected documents. The initial entry mentions a SEV data-inference risk on AMD SEV guests, but no product/version/root-cause/fix is given here. Monitor for updates.

F5 BIG-IP 安全特征问题漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, etc. F5 BIG-IP has a security feature issue vulnerability that can be exploited by an attacker to determine the open UDP User Datagram Protocol source port of...

CVE-2022-25368

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history stored in the CPU BHB to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which...

CVE-2022-25368

CVE-2022-23960 describes Spectre-BHB: an attack on ARM Cortex and Neoverse CPUs that abuse the Branch History Buffer (BHB) to influence mispredicted branches, enabling a cache-related side-channel and potential information disclosure across security contexts. Affected: ARM Cortex and Neoverse pro...

UBUNTU-CVE-2022-26382

While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox 98...

CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...

CVE-2021-3773

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks...

Google TensorFlow buffer overflow vulnerability (CNVD-2022-11507)

Google TensorFlow is an end-to-end open source platform for machine learning from Google Google. Google Tensorflow has a buffer overflow vulnerability, which stems from the implementation of ReverseSequence's shape inference does not fully validate the value of batch dim, and an attacker can...

GHSA-M4HF-J54P-P353 Type confusion leading to segfault in Tensorflow

Impact The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion: python import tensorflow as tf @tf.function def test: y = tf.rawops.ConcatV2 values=1,2,3,4,5,6, axis = 0xb500005b return y test The axis argument...

Type confusion leading to segfault in Tensorflow

Impact The implementation of shape inference for ConcatV2 can be used to trigger a denial of service attack via a segfault caused by a type confusion: python import tensorflow as tf @tf.function def test: y = tf.rawops.ConcatV2 values=1,2,3,4,5,6, axis = 0xb500005b return y test The axis argument...

GHSA-5QW5-89MW-WCG2 Out of bounds write in Tensorflow

Impact TensorFlow is vulnerable to a heap OOB write in Grappler: cc Status SetUnknownShapeconst NodeDef node, int outputport shapeinference::ShapeHandle shape = GetUnknownOutputShapenode, outputport; InferenceContext ctx = GetContextnode; if ctx == nullptr return errors::InvalidArgument"Missing...

GHSA-VQ36-27G6-P492 Out of bounds read in Tensorflow

Impact TensorFlow's type inference can cause a heap OOB read as the bounds checking is done in a DCHECK which is a no-op during production: cc if nodet.typeid != TFTUNSET int ix = inputidxi; DCHECKix nodet.argssize "input " i " should have an output " ix " but instead only has " nodet.argssize "...