BIT-TENSORFLOW-2021-29531 CHECK-fail in tf.raw_ops.EncodePng

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a CHECK fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the...

BIT-TENSORFLOW-2021-29532 Heap out of bounds read in `RaggedCross`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to tf.rawops.RaggedCross. This is because the...

BIT-TENSORFLOW-2021-29534 CHECK-fail in SparseConcat

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.SparseConcat. This is because the...

BIT-TENSORFLOW-2021-29535 Heap buffer overflow in `QuantizedMul`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedMul by passing in invalid thresholds for the quantization. This is because the...

BIT-TENSORFLOW-2021-29536 Heap buffer overflow in `QuantizedReshape`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedReshape by passing in invalid thresholds for the quantization. This is because the...

BIT-TENSORFLOW-2021-29537 Heap buffer overflow in `QuantizedResizeBilinear`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in QuantizedResizeBilinear by passing in invalid thresholds for the quantization. This is because the...

BIT-TENSORFLOW-2021-29538 Division by zero in `Conv2DBackpropFilter`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a division by zero to occur in Conv2DBackpropFilter. This is because the...

BIT-TENSORFLOW-2021-29539 Segfault in tf.raw_ops.ImmutableConst

TensorFlow is an end-to-end open source platform for machine learning. Calling tf.rawops.ImmutableConsthttps://www.tensorflow.org/apidocs/python/tf/rawops/ImmutableConst with a dtype of tf.resource or tf.variant results in a segfault in the implementation as code assumes that the tensor contents...

BIT-TENSORFLOW-2021-29540 Heap buffer overflow in `Conv2DBackpropFilter`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow to occur in Conv2DBackpropFilter. This is because the...

BIT-TENSORFLOW-2021-29541 Null pointer dereference in `StringNGrams`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in tf.rawops.StringNGrams. This is because the...

BIT-TENSORFLOW-2021-29543 CHECK-fail in `CTCGreedyDecoder`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.CTCGreedyDecoder. This is because the...

BIT-TENSORFLOW-2021-29544 CHECK-fail in `QuantizeAndDequantizeV4Grad`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.QuantizeAndDequantizeV4Grad. This is because the implementation does not validate the rank of the input tensors. In turn, this results in the tensors...

BIT-TENSORFLOW-2021-29545 Heap buffer overflow in `SparseTensorToCSRSparseMatrix`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in converting sparse tensors to CSR Sparse matrices. This is because the...

BIT-TENSORFLOW-2021-29546 Division by 0 in `QuantizedBiasAdd`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger an integer division by zero undefined behavior in tf.rawops.QuantizedBiasAdd. This is because the implementation of the Eigen...

BIT-TENSORFLOW-2021-29547 Heap out of bounds in `QuantizedBatchNormWithGlobalNormalization`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a segfault and denial of service via accessing data outside of bounds in tf.rawops.QuantizedBatchNormWithGlobalNormalization. This is because the...

BIT-TENSORFLOW-2021-29548 Division by 0 in `QuantizedBatchNormWithGlobalNormalization`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in tf.rawops.QuantizedBatchNormWithGlobalNormalization. This is because the...

BIT-TENSORFLOW-2021-29549 Division by 0 in `QuantizedAdd`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in tf.rawops.QuantizedBatchNormWithGlobalNormalization. This is because the...

BIT-TENSORFLOW-2021-29551 OOB read in `MatrixTriangularSolve`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of MatrixTriangularSolvehttps://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16e798/tensorflow/core/kernels/linalg/matrixtriangularsolveopimpl.hL160-L240 fails to terminate kernel...

BIT-TENSORFLOW-2021-29552 CHECK-failure in `UnsortedSegmentJoin`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...

BIT-TENSORFLOW-2021-29553 Heap OOB in `QuantizeAndDequantizeV3`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in tf.rawops.QuantizeAndDequantizeV3. This is because the...