7047 matches found
CVE-2022-29206 Missing validation results in undefined behavior in `SparseTensorDenseAdd` in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments. In this case, a reference gets bound to a nullptr during kernel execution. This is...
CVE-2022-29206
CVE-2022-29206 involves TensorFlow’s tf.raw_ops.SparseTensorDenseAdd, where input argument validation is insufficient, causing a reference to a nullptr during kernel execution and resulting in undefined behavior. Affected releases include TensorFlow versions prior to 2.9.0, and also 2.8.1, 2.7.2,...
CVE-2022-29206 Missing validation results in undefined behavior in `SparseTensorDenseAdd` in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments. In this case, a reference gets bound to a nullptr during kernel execution. This is...
CVE-2022-29207
CVE-2022-29207 affects TensorFlow. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations can misbehave in eager mode when the provided resource handle is invalid, binding a reference to a null pointer and causing undefined behavior. In graph mode, these API calls were n...
CVE-2022-29207 Undefined behavior when users supply invalid resource handles in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but...
CVE-2022-29207 Undefined behavior when users supply invalid resource handles in TensorFlow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but...
CVE-2022-29195
TensorFlow CVE-2022-29195 concerns a denial-of-service via missing validation in tf.raw_ops.StagePeek. Affected are versions before patches: 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which patch the issue. The vulnerability stems from StagePeek assuming index is a scalar without validating input, leading t...
CVE-2022-29197
CVE-2022-29197 concerns TensorFlow UnsortedSegmentJoin with incomplete input validation that can trigger a denial of service via a CHECK failure when num_segments is not properly validated. Affected releases include TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4. The issue has been a...
CVE-2022-29197 Missing validation causes denial of service in TensorFlow via `UnsortedSegmentJoin`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...
CVE-2022-29196
CVE-2022-29196 applies to TensorFlow. Before versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, Conv3DBackpropFilterV2 does not fully validate input arguments, specifically not validating that filter_sizes is a vector. This triggers a CHECK failure and can be leveraged to cause a denial of service. The iss...
CVE-2022-29196 Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.Conv3DBackpropFilterV2 does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack...
CVE-2022-29196 Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.Conv3DBackpropFilterV2 does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack...
CVE-2022-29198
CVE-2022-29198 concerns TensorFlow’s tf.raw_ops.SparseTensorToCSRSparseMatrix, where input validation is incomplete for dense_shape and indices. This can trigger a CHECK failure, potentially enabling a denial of service. The issue is documented to affect TensorFlow versions prior to 2.9.0, 2.8.1,...
CVE-2022-29198 Missing validation causes denial of service in TensorFlow via `SparseTensorToCSRSparseMatrix`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...
CVE-2022-29198 Missing validation causes denial of service in TensorFlow via `SparseTensorToCSRSparseMatrix`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...
CVE-2022-29199
TensorFlow vulnerability CVE-2022-29199 affects tf.raw_ops.LoadAndRemapMatrix. The issue arises from incomplete validation of input arguments, where the code assumes initializing_values is a vector but does not validate it before access, leading to a CHECK failure that can trigger a denial of ser...
CVE-2022-29199 Missing validation causes denial of service in TensorFlow via `LoadAndRemapMatrix`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.LoadAndRemapMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. Th...
CVE-2022-29199 Missing validation causes denial of service in TensorFlow via `LoadAndRemapMatrix`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.LoadAndRemapMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. Th...
CVE-2022-29200
TensorFlow CVE-2022-29200 affects tf.raw_ops.LSTMBlockCell where input argument ranks were not fully validated, causing CHECK failures that can trigger denial of service. Affected versions are before 2.9.0 and also including 2.8.1, 2.7.2, and 2.6.4; a patch exists in 2.9.0 and was backported to t...
CVE-2022-29200 Missing validation causes denial of service in TensorFlow via `LSTMBlockCell`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.LSTMBlockCell does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. The cod...