13 matches found
CVE-2022-23576
Tensorflow is an Open Source Machine Learning Framework. The implementation of OpLevelCostEstimator::CalculateOutputSize is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number ...
BIT-TENSORFLOW-2022-23576 Integer overflow in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of OpLevelCostEstimator::CalculateOutputSize is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number ...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. The vulnerability exists due to an integer overflow in OpLevelCostEstimator::CalculateOutputSize allowing an attacker to crash the system by inputting a negative number into the cost estimate...
Integer Overflow
tensorflow is vulnerable to integer overflow. The vulnerability exists in OpLevelCostEstimator::CalculateOutputSize function of oplevelcostestimator.cc because it doesn't validate the size of the user input which leads to an application crash...
Integer overflow in Tensorflow
Impact The implementation of OpLevelCostEstimator::CalculateOutputSize is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements: cc for const auto& dim : outputshape.dim outputsize = dim.size; Here, we can have a...
CVE-2022-23576
Tensorflow is an Open Source Machine Learning Framework. The implementation of OpLevelCostEstimator::CalculateOutputSize is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number ...
Integer overflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of OpLevelCostEstimator::CalculateTensorSize is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements. The fix will be included in...
Integer overflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of OpLevelCostEstimator::CalculateOutputSize is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number ...
PYSEC-2022-85
Tensorflow is an Open Source Machine Learning Framework. The implementation of OpLevelCostEstimator::CalculateOutputSize is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number ...
PYSEC-2022-140
Tensorflow is an Open Source Machine Learning Framework. The implementation of OpLevelCostEstimator::CalculateOutputSize is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number ...
CVE-2022-23575
TensorFlow vulnerability CVE-2022-23575 arises from an integer overflow in OpLevelCostEstimator::CalculateTensorSize when processing an operation with a very large tensor. The issue affects TensorFlow and was mitigated by a patch in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3 (...
CVE-2022-23576
CVE-2022-23576 describes an integer overflow in TensorFlow’s OpLevelCostEstimator::CalculateOutputSize, triggered when computing the product of output_shape.dim() elements for large tensor sizes. The vulnerability could allow overflow of the computed output size, potentially impacting stability o...
CVE-2022-23576 Integer overflow in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of OpLevelCostEstimator::CalculateOutputSize is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number ...