7047 matches found
CVE-2022-35996
TensorFlow’s CVE-2022-35996 describes a DoS due to a division-by-zero in Conv2D when given an empty input with valid filter/padding, producing all-zeros output. The issue was patched in the GitHub commit 611d80db29dd7b0cfb755772c69d60ae5bca05f9, and the fix is scheduled for TensorFlow 2.10.0. Mai...
CVE-2022-35996 Floating point exception in `Conv2D` in TensorFlow
TensorFlow is an open source platform for machine learning. If Conv2D is given empty input and the filter and padding sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack. We have patched the issue ...
CVE-2022-36027 Segfault TFLite converter on per-channel quantized transposed convolutions in TensorFlow
TensorFlow is an open source platform for machine learning. When converting transposed convolutions using per-channel weight quantization the converter segfaults and crashes the Python process. We have patched the issue in GitHub commit aa0b852a4588cea4d36b74feb05d93055540b450. The fix will be...
CVE-2022-36027
TensorFlow's CVE-2022-36027 affects the TFLite/TensorFlow converter path for per-channel quantized transposed convolutions, where converting these ops can segfault and crash the Python process. The issue has been patched in commit aa0b852a4588cea4d36b74feb05d93055540b450, with the fix slated for ...
CVE-2022-36014
TensorFlow vulnerability CVE-2022-36014: a null dereference in mlir::tfg::TFOp::nameAttr when provided a null type list, causing a crash (denial of service potential). Fixed in GitHub commits 3a754740d5414e362512ee981eefba41561a63a6 and a0f0b9a21c9270930457095092f558fbad4c03e5. The patch will be ...
CVE-2022-36014 Null-dereference in `mlir::tfg::TFOp::nameAttr` in TensorFlow
TensorFlow is an open source platform for machine learning. When mlir::tfg::TFOp::nameAttr receives null type list attributes, it crashes. We have patched the issue in GitHub commits 3a754740d5414e362512ee981eefba41561a63a6 and a0f0b9a21c9270930457095092f558fbad4c03e5. The fix will be included in...
CVE-2022-36000
CVE-2022-36000 describes a null pointer dereference in TensorFlow when mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes. Affected TF versions include 2.7.2, 2.8.1, 2.9.1 (and beyond) within the supported range; the issue has been patched in commit aed36912609fc072...
CVE-2022-36000 Null dereference on MLIR on empty function attributes in TensorFlow
TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit aed36912609fc07229b4d0a7b44f3f48efc00fd0. The fix will be included in...
CVE-2022-36011
CVE-2022-36011 affects TensorFlow: a null dereference when mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes. Root cause: empty attributes lead to a null dereference in MLIR/TFG import. Remediation per sources: fix landed in TensorFlow 2.10.0 and will be cherry-pic...
CVE-2022-36011 Null dereference on MLIR on empty function attributes in TensorFlow
TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit 1cf45b831eeb0cab8655c9c7c5d06ec6f45fc41b. The fix will be included in...
CVE-2022-36013
TensorFlow CVE-2022-36013 describes a null-dereference crash in mlir::tfg::GraphDefImporter::ConvertNodeDef when converting NodeDefs without an op name. A fix is present in commit a0f0b9a21c9270930457095092f558fbad4c03e5 and will be included in TensorFlow 2.10.0; the patch will also be cherry-pick...
animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35981 via tensorflow-gpu (>=1.10.1 <=2.7.0)
tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35981 Source advisory: OSV:GHSA-VXV8-R8Q2-63XW...
animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35979 via tensorflow-gpu (>=1.10.1 <=2.7.0)
tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35979 Source advisory: OSV:GHSA-V7VW-577F-VP8X...
animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35973 via tensorflow-gpu (>=1.10.1 <=2.7.0)
tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35973 Source advisory: OSV:GHSA-689C-R7H2-FV9V...
CVE-2022-35994
CVE-2022-35994 is a denial-of-service issue in TensorFlow’s CollectiveGather when given a scalar input. Root cause: a CHECK failure in CollectiveGather. A patch was committed (c1f491817dec39a26be3c574e86a88c30f3c4770) and will be included in TensorFlow 2.10.0; the fix will also be cherry-picked t...
CVE-2022-35992
TensorFlow’s CVE-2022-35992 affects TensorListFromTensor when element_shape has rank > 1, triggering a CHECK failure that can lead to denial of service. The issue is addressed by GitHub commit 3db59a042a38f4338aa207922fa2f476e000a6ee and will be fixed in TensorFlow 2.10.0; Red Hat and IBM advi...
CVE-2022-35992 `CHECK` fail in `TensorListFromTensor` in TensorFlow
TensorFlow is an open source platform for machine learning. When TensorListFromTensor receives an element_shape of a rank greater than one, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 3db59a042a38f4338aa207922fa2f476e000a6ee. The fi...
CVE-2022-35991
TensorFlow CVE-2022-35991 affects TensorListScatter and TensorListScatterV2 when element_shape has rank greater than one, triggering a CHECK failure that can lead to a denial of service. The issue is documented in OSV entries (BIT-TENSORFLOW-2022-35991) and related advisories, which confirm a pat...
animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +182 more potentially affected by CVE-2022-35967 via tensorflow-gpu (>=1.10.1 <=2.7.0)
tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-35967 Source advisory: OSV:GHSA-V6H3-348G-6H5X...
CVE-2022-35998
CVE-2022-35998 affects TensorFlow. When EmptyTensorList receives an input element_shape with more than one dimension, a CHECK failure can be triggered, potentially enabling a denial of service. The issue is fixed in commit c8ba76d48567aed347508e0552a257641931024d and will be included in TensorFlo...