7048 matches found
CVE-2023-25664
TensorFlow CVE-2023-25664 is a heap-based buffer overflow in TAvgPoolGrad, affecting TensorFlow versions prior to 2.12.0 and 2.11.1. A fix is included in TensorFlow 2.12.0 and 2.11.1. Connected documents corroborate the vulnerability class and affected versions, and note remediation via upgrading...
CVE-2023-25664 TensorFlow vulnerable to Heap Buffer Overflow in AvgPoolGrad
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1...
CVE-2023-25667
TensorFlow contains an integer overflow in the vulnerability CVE-2023-25667, affecting versions prior to 2.12.0 and 2.11.1 when 2^31 <= num_frames * height * width * channels
CVE-2023-25667 TensorFlow vulnerable to segfault when opening multiframe gif
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-25666 TensorFlow has Floating Point Exception in AudioSpectrogram
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-25666
TensorFlow AudioSpectrogram in versions prior to 2.12.0 and 2.11.1 is affected by a floating point exception that can cause a Denial of Service. The fix is included in TensorFlow 2.12.0 and in 2.11.1. Recommended action: upgrade to TensorFlow 2.12.0 or 2.11.1 (or newer) to remediate.
CVE-2023-25666 TensorFlow has Floating Point Exception in AudioSpectrogram
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-25666 TensorFlow has Floating Point Exception in AudioSpectrogram
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-25665 TensorFlow has Null Pointer Error in SparseSparseMaximum
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when SparseSparseMaximum is given invalid sparse tensors as inputs, it can give a null pointer error. A fix is included in TensorFlow version 2.12 and version 2.11.1...
CVE-2023-25665
TensorFlow CVE-2023-25665 affects SparseSparseMaximum: inputting invalid sparse tensors can cause a NULL pointer dereference. Public docs list affected releases as pre-2.12.0 and pre-2.11.1, with fixes shipped in TensorFlow 2.12 and 2.11.1 respectively. IBM and partner advisories corroborate this...
CVE-2023-25665 TensorFlow has Null Pointer Error in SparseSparseMaximum
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when SparseSparseMaximum is given invalid sparse tensors as inputs, it can give a null pointer error. A fix is included in TensorFlow version 2.12 and version 2.11.1...
CVE-2023-25668 TensorFlow vulnerable to heap out-of-buffer read in the QuantizeAndDequantize operation
TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick...
CVE-2023-25668 TensorFlow vulnerable to heap out-of-buffer read in the QuantizeAndDequantize operation
TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick...
CVE-2023-25668
TensorFlow CVE-2023-25668 affects TensorFlow prior to 2.12.0 and the 2.11.1 branch, where attackers can access heap memory outside user control, leading to a crash or remote code execution. The fix is to upgrade to TensorFlow 2.12.0 or cherry-pick the relevant commit onto TensorFlow 2.11.1. Affec...
CVE-2023-25668 TensorFlow vulnerable to heap out-of-buffer read in the QuantizeAndDequantize operation
TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick...
CVE-2023-25669 TensorFlow has Floating Point Exception in AvgPoolGrad with XLA
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for tf.rawops.AvgPoolGrad, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-25669
TensorFlow CVE-2023-25669 affects TensorFlow before versions 2.12.0 and 2.11.1, where a non-positive stride or window in tf.raw_ops.AvgPoolGrad can trigger a floating point exception. A fix is included in TensorFlow 2.12.0 and 2.11.1. Mitigation consists of upgrading to these versions or later. I...
CVE-2023-25669 TensorFlow has Floating Point Exception in AvgPoolGrad with XLA
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for tf.rawops.AvgPoolGrad, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-25670
TensorFlow contains a null pointer dereference in QuantizedMatMulWithBiasAndDequantize when MKL is enabled, affecting prior releases. The issue affects TensorFlow versions before 2.12.0 and before 2.11.1, with a fix included in TensorFlow 2.12.0 and 2.11.1. Remediation is to upgrade to one of the...
CVE-2023-25670 TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize
TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...