3084 matches found
CVE-2021-29561
CVE-2021-29561 (TensorFlow) describes a denial-of-service via a CHECK-fail in LoadAndRemapMatrix caused by assuming ckpt_path is a valid scalar; attackers can send a non-scalar tensor as the first argument. Connected docs confirm the same issue and note fixes will be applied in TensorFlow 2.5.0 w...
CVE-2021-29562
TensorFlow TF IRFFT CHECK-fail vulnerability (CVE-2021-29562) can cause denial of service via a CHECK failure in tf.raw_ops.IRFFT. Public details in OSV/GHSA entries confirm impact and patch strategy: fix in TensorFlow 2.5.0, with cherry-picks to 2.4.2, 2.3.3, 2.2.3 and 2.1.4. IBM CVE coverage an...
CVE-2021-29563
CVE-2021-29563 affects TensorFlow via a CHECK-fail in tf.raw_ops.RFFT that can trigger a denial of service when Eigen code operates on an empty matrix. The issue arises from a CHECK/ASSERT path and causes program termination rather than a traditional memory corruption exploit. The affected behavi...
CVE-2021-29564 Null pointer dereference in `EditDistance`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.raw_ops.EditDistance. This is because the...
CVE-2021-29565 Null pointer dereference in `SparseFillEmptyRows`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.raw_ops.SparseFillEmptyRows. This is because of missing...
CVE-2021-29565
TensorFlow CVE-2021-29565 describes a null pointer dereference in tf.raw_ops.SparseFillEmptyRows due to missing validation when dense_shape is empty. Connected sources confirm the issue, including a GitHub commit (faa76f39014ed3b5e2c158593b1335522e573c7f) and notes that the fix will be included i...
CVE-2021-29566
TensorFlow: CVE-2021-29566 is a heap-out-of-bounds (OOB) access in tf.raw_ops.Dilation2DBackpropInput due to missing input validation. This can cause writes outside the heap during backprop, as per the OSV/GHSA entries. The issue is fixed in TensorFlow 2.5.0 with cherry-picks to 2.4.2, 2.3.3, 2.2...
CVE-2021-29567
TensorFlow vulnerability CVE-2021-29567: SparseDenseCwiseMul lacks validation between input dimensions, only validating input ranks. This enables local attackers to trigger CHECK failures or heap-out-of-bounds writes, causing denial of service. Affected TF versions include 2.5.0 and older release...
CVE-2021-29568
TensorFlow vulnerability CVE-2021-29568 arises from binding to a NULL pointer in tf.raw_ops.ParameterizedTruncatedNormal due to not validating the shape argument before accessing shape_tensor.flat(0). The issue can cause undefined behavior; the affected commits patch the input validation. A fix w...
CVE-2021-29569
CVE-2021-29569: TensorFlow MaxPoolGradWithArgmax reads past heap bounds when input_min/input_max are empty. The issue stems from accessing first elements of flat() on empty tensors. Patches fix in TensorFlow 2.5.0 and will be cherry-picked to 2.4.2, 2.3.3, 2.2.3, and 2.1.4. Affected ranges are th...
CVE-2021-29570
CVE-2021-29570 affects TensorFlow and specifically the tf.raw_ops.MaxPoolGradWithArgmax path. The vulnerability is a heap out-of-bounds read caused by using the same value to index two different arrays without guaranteed equal sizes, leading to reads beyond heap data when provided crafted inputs....
CVE-2021-29571
TensorFlow DrawBoundingBoxesV2 memory corruption issue (CVE-2021-29571) arises when the last dimension of boxes is
CVE-2021-29571 Memory corruption in `DrawBoundingBoxesV2`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.raw_ops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...
CVE-2021-29572
TensorFlow CVE-2021-29572 is a null pointer dereference in tf.raw_ops.SdcaOptimizer caused by insufficient input validation. Connected sources confirm the issue affects TensorFlow 2.1.4 and other supported releases, with a patch planned in TensorFlow 2.5.0 and back-ported to 2.4.2, 2.3.3, 2.2.3, ...
CVE-2021-29573
CVE-2021-29573 concerns TensorFlow. The flaw is a division-by-zero in tf.raw_ops.MaxPoolGradWithArgmax caused by the implementation not validating the batch dimension is non-zero before dividing. The issue affects TensorFlow’s MaxPoolGradWithArgmax path and is addressed in the fix that will be in...
CVE-2021-29574 Undefined behavior in `MaxPool3DGradGrad`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.raw_ops.MaxPool3DGradGrad exhibits undefined behavior by dereferencing null pointers backing attacker-supplied empty tensors. The...
CVE-2021-29574
CVE-2021-29574 concerns TensorFlow. The issue is an undefined behavior in tf.raw_ops.MaxPool3DGradGrad where inputs can be empty and trigger null-pointer dereferences due to lack of input validation in pooling_ops_3d.cc. Affected context includes TensorFlow versions in the 2.x line with planned f...
CVE-2021-29575
CVE-2021-29575 targets TensorFlow’s tf.raw_ops.ReverseSequence. Concrete details from connected docs show the root cause: the operation does not validate seq_dim and batch_dim, allowing negative values to cause stack overflow or CHECK-fail Denial of Service (local). Impact is a local DoS conditio...
CVE-2021-29576
CVE-2021-29576 is a confirmed heap buffer overflow in TensorFlow related to the tf.raw_ops.MaxPool3DGradGrad implementation. The root cause is that Pool3dParameters may be initialized with invalid data because the constructor’s validation (OP_REQUIRES) can fail before completion, and the code pat...
CVE-2021-29577 Heap buffer overflow in `AvgPool3DGrad`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.raw_ops.AvgPool3DGrad is vulnerable to a heap buffer overflow. The...