CVE-2021-37647 Null pointer dereference in `SparseTensorSliceDataset` in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. When a user does not supply arguments that determine a valid sparse tensor, the tf.raw_ops.SparseTensorSliceDataset implementation can be made to dereference a null pointer. The implementation has some argument validation but fails...
CVE-2021-37643 Null pointer dereference in `MatrixDiagPartOp` in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to tf.raw_ops.MatrixDiagPartOp, then the code triggers a null pointer dereference if input is empty or produces invalid behavior, ignoring all values after the first. The...
CVE-2021-37643
CVE-2021-37643 affects TensorFlow’s MatrixDiagPartOp. The issue arises when a user does not supply a valid padding value, causing a NULL pointer dereference (if input is empty) or invalid behavior that ignores subsequent values. The root cause is reading the first value from a tensor buffer witho...
CVE-2021-37639
TensorFlow has a local, impactful vulnerability CVE-2021-37639 where restoring tensors via raw APIs can dereference a null pointer or read outside the heap bounds when tensor_name is not provided. The root cause is reading the tensor list from user-controlled input without validating its length, ...
CVE-2021-37639 Null pointer dereference and heap OOB read in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. When restoring tensors via raw APIs, if the tensor name is not provided, TensorFlow can be tricked into dereferencing a null pointer. Alternatively, attackers can read memory outside the bounds of heap allocated data by...
CVE-2021-37638
CVE-2021-37638 : TensorFlow vulnerable to a NULL pointer dereference in the RaggedTensorToTensor path caused by sending an empty row_partition_types list. The issue stems from accessing the first element of a user-supplied list without validating non-emptiness. A patch was applied in GitHub commi...
CVE-2021-37638 Null pointer dereference in `RaggedTensorToTensor` in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. Sending an invalid argument for row_partition_types of the tf.raw_ops.RaggedTensorToTensor API results in a null pointer dereference and undefined behavior. The implementation accesses the first element of a user-supplied list of values...
CVE-2021-37660
CVE-2021-37660 describes a division-by-zero flaw in TensorFlow’s inplace operations due to a logic error in inplace_ops.cc. The faulty condition uses || instead of &&, allowing a floating-point exception when crafted inputs are provided. The issue has been patched in the GitHub commit e86605c0a33...
CVE-2021-37660 Division by 0 in inplace operations in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The implementation has a logic error: it should skip processing i...
CVE-2021-37653
TensorFlow Cortex: CVE-2021-37653 affects TensorFlow’s tf.raw_ops.ResourceGather. The issue stems from computing batch_size and dividing by it without validating 0, causing a local crash (denial of service). A patch exists in GitHub commit ac117ee8a8ea57b73d34665cdf00ef3303bc0b11 and should be in...
CVE-2021-37653 Division by 0 in `ResourceGather` in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a floating point exception in tf.raw_ops.ResourceGather. The implementation computes the value of a value, batch_size, and then divides by it without checking that this...
CVE-2021-37642
CVE-2021-37642 involves TensorFlow’s tf.raw_ops.ResourceScatterDiv, where an implementation division-by-zero can occur in affected builds. Public details confirm this is rooted in the shared binary-ops class and that a patch was applied in GitHub commit 4aacb30888638da75023e6601149415b39763d76, w...
CVE-2021-37642 Division by 0 in `ResourceScatterDiv` in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.ResourceScatterDiv is vulnerable to a division by 0 error. The implementation uses a common class for all binary operations but fails to treat the division by 0 case...
CVE-2021-37640 Integer division by 0 in sparse reshaping in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.SparseReshape can be made to trigger an integral division by 0 exception. The implementation calls the reshaping functor whenever there is at least an index in the input but...
CVE-2021-37640
CVE-2021-37640 affects TensorFlow and relates to the SparseReshape path. The issue arises when tf.raw_ops.SparseReshape can trigger a division by zero due to the reshape functor not validating that both input and target shapes have a non-zero element count. This can lead to an integral division b...
CVE-2021-37636 Floating point exception in `SparseDenseCwiseDiv` in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.raw_ops.SparseDenseCwiseDiv is vulnerable to a division by 0 error. The implementation uses a common class for all binary operations but fails to treat the division by 0 case...
CVE-2021-37636
CVE-2021-37636 concerns TensorFlow with a vulnerability in tf.raw_ops.SparseDenseCwiseDiv where division by zero can occur due to how a shared binary-ops class handles this case. The issue affects affected TensorFlow versions and has been addressed by patching the underlying code in a GitHub comm...
Google TensorFlow Buffer Error Vulnerability
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc...
How profiling employee working hours helps to detect security incidents
At the TimeMachine company there are two special old friends Bob and Alice. Bob, as a team manager, usually has a very busy schedule filled with meetings all day long. You can even find him working late into the night trying to catch up on email he received during the day. Alice on the other hand...
Chamilo LMS Cross-Site Scripting Vulnerability
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of content, distance training and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.14, which can be exploited by...