127 matches found

SUSE CVE
added 2023/02/15 3:24 a.m. · 2 views

SUSE CVE-2022-35940

TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...

CVSS 7.5 · AI score 8.3 · EPSS 0.00191
Exploits 0 · References 3

SUSE CVE
added 2023/02/15 3:24 a.m. · 2 views

SUSE CVE-2022-35941

TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. We have patched the issue in GitHub commit...

CVSS 7.5 · AI score 8 · EPSS 0.00191
Exploits 0 · References 3

SUSE CVE
added 2023/02/15 3:24 a.m. · 1 view

SUSE CVE-2022-35960

TensorFlow is an open source platform for machine learning. In core/kernels/list_kernels.cc's TensorListReserve, num_elements is assumed to be a tensor of size 1. When a num_elements of more than 1 element is provided, then tf.raw_ops.TensorListReserve fails the CHECK_EQ in...

CVSS 7.5 · AI score 7.8 · EPSS 0.00208
Exploits 0 · References 3

SUSE CVE
added 2023/02/15 3:24 a.m. · 2 views

SUSE CVE-2022-35989

TensorFlow is an open source platform for machine learning. When MaxPool receives a window size input array ksize with dimensions greater than its input tensor input, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub comm...

CVSS 7.5 · AI score 7.6 · EPSS 0.00064
Exploits 0 · References 3

SUSE CVE
added 2023/02/15 3:24 a.m. · 1 view

SUSE CVE-2022-36017

TensorFlow is an open source platform for machine learning. If Requantize is given input_min, input_max, requested_output_min, requested_output_max tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

CVSS 7.5 · AI score 8 · EPSS 0.00064
Exploits 0 · References 3

OSV
added 2022/11/21 9:53 p.m. · 0 views

GHSA-RMG2-F698-WQ35 `tf.raw_ops.Mfcc` crashes

Impact: If ThreadUnsafeUnigramCandidateSampler is given input filterbank_channel_count greater than the allowed max size, TensorFlow will crash. python import tensorflow as tf tf.raw_ops.Mfcc spectrogram = 1.38, 6.32, 5.75, 9.51, sample_rate = 2, upper_frequency_limit = 5.0, lower_frequency_limit = 1.0,...

CVSS 4.8 · AI score 7 · EPSS 0.00187
Exploits 1 · References 5

OSV
added 2022/11/18 10:15 p.m. · 1 view

AZL-11529 CVE-2022-41890 affecting package tensorflow for versions less than 2.11.0-1

TensorFlow is an open source platform for machine learning. If BCast::ToShape is given input larger than an int32, it will crash, despite being supposed to handle up to an int64. An example can be seen in tf.experimental.numpy.outer by passing in large input to the input b. We have patched the...

CVSS 7.5 · AI score 7.1 · EPSS 0.00143
Exploits 1 · References 1

Tenable Nessus
added 2022/10/31 12:0 a.m. · 40 views

GLSA-202210-37 : PJSIP: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-37 PJSIP: Multiple Vulnerabilities - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before...

CVSS 9.8 · AI score 8.1 · EPSS 0.01675
Exploits 2 · References 21

NVD
added 2022/10/06 6:16 p.m. · 9 views

CVE-2022-39274

LoRaMac-node is a reference implementation and documentation of a LoRa network node. Versions of LoRaMac-node prior to 4.7.0 are vulnerable to a buffer overflow. Improper size validation of the incoming radio frames can lead to a 65280-byte out-of-bounds write. The function ProcessRadioRxDone...

CVSS 9.8 · EPSS 0.02408
Exploits 1 · References 3

OSV
added 2022/10/06 6:16 p.m. · 0 views

UBUNTU-CVE-2022-39244

PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affected by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been...

CVSS 9.8 · AI score 7.5 · EPSS 0.00325
Exploits 0 · References 5

Prion
added 2022/10/06 6:16 p.m. · 17 views

Buffer overflow

LoRaMac-node is a reference implementation and documentation of a LoRa network node. Versions of LoRaMac-node prior to 4.7.0 are vulnerable to a buffer overflow. Improper size validation of the incoming radio frames can lead to a 65280-byte out-of-bounds write. The function ProcessRadioRxDone...

CVSS 7.5 · AI score 9.5 · EPSS 0.02408
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2022/10/06 12:0 a.m. · 15 views

CVE-2022-39274 Buffer Overflow in `ProcessRadioRxDone` in LoRaMac-node

LoRaMac-node is a reference implementation and documentation of a LoRa network node. Versions of LoRaMac-node prior to 4.7.0 are vulnerable to a buffer overflow. Improper size validation of the incoming radio frames can lead to a 65280-byte out-of-bounds write. The function ProcessRadioRxDone...

CVSS 7.5 · AI score 9.9 · EPSS 0.02408
Exploits 1 · References 3

Positive Technologies
added 2022/10/06 12:0 a.m. · 3 views

PT-2022-5348 · Pjsip +1

Name of the Vulnerable Software and Affected Versions: PJSIP versions prior to 2.13
Description: The issue is related to the incorrect switching from SRTP media transport to basic RTP upon SRTP restart when processing certain packets, causing media to be sent insecurely. This impacts all PJSIP...

CVSS 9.8 · AI score 7.2 · EPSS 0.01516
Exploits 0 · References 35

OSV
added 2022/10/06 12:0 a.m. · 12 views

CVE-2022-39274 Buffer Overflow in `ProcessRadioRxDone` in LoRaMac-node

LoRaMac-node is a reference implementation and documentation of a LoRa network node. Versions of LoRaMac-node prior to 4.7.0 are vulnerable to a buffer overflow. Improper size validation of the incoming radio frames can lead to a 65280-byte out-of-bounds write. The function ProcessRadioRxDone...

CVSS 7.5 · AI score 9.4 · EPSS 0.02408
Exploits 1 · References 5

OSV
added 2022/10/01 12:0 a.m. · 1 view

GHSA-RM2X-HGR8-W343 LIEF vulnerable to denial of service through segmentation fault

A vulnerability in the LIEF::MachO::SegmentCommand::virtual_address function of LIEF v0.12.1 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted MachO file. A patch is available at commit number 24935f654f6df700a9a062298258b9485f584502...

CVSS 6.5 · AI score 5.9 · EPSS 0.0026
Exploits 1 · References 5

Vulnrichment
added 2022/09/16 8:0 p.m. · 5 views

CVE-2022-35960 `CHECK` failure in `TensorListReserve` in TensorFlow

TensorFlow is an open source platform for machine learning. In core/kernels/list_kernels.cc's TensorListReserve, num_elements is assumed to be a tensor of size 1. When a num_elements of more than 1 element is provided, then tf.raw_ops.TensorListReserve fails the CHECK_EQ in...

CVSS 5.9 · AI score 7.5 · EPSS 0.00208
Exploits 0 · References 3

Debian CVE
added 2022/09/16 7:45 p.m. · 1 view

CVE-2022-35941

TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. We have patched the issue in GitHub commit...

CVSS 7.5 · AI score 6.9 · EPSS 0.00191
Exploits 0

OSV
added 2022/09/14 12:0 a.m. · 1 view

GHSA-52XX-R3G2-P8JM LIEF vulnerable to heap based buffer overflow

LIEF commit 5d1d643 was discovered to contain a heap-buffer overflow in the component /core/CorePrPsInfo.tcc. Commit 53bf680ef494a835e2c4a5de328ca85416a03a5a contains a patch...

CVSS 5.5 · AI score 5.9 · EPSS 0.00054
Exploits 1 · References 5

Positive Technologies
added 2022/09/06 12:0 a.m. · 2 views

PT-2022-23137 · Rizin

Name of the Vulnerable Software and Affected Versions: Rizin versions 0.4.0 and prior
Description: The issue is related to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected, allowing an attacker to execute code on the user's machine...

CVSS 7.8 · AI score 7.6 · EPSS 0.00488
Exploits 0 · References 10

Positive Technologies
added 2022/09/06 12:0 a.m. · 2 views

PT-2022-5016 · Rizin

Name of the Vulnerable Software and Affected Versions: Rizin versions 0.4.0 and prior
Description: The issue is related to an out-of-bounds write when getting data from dyld cache files. A user opening a malicious dyld cache file could be affected, allowing an attacker to execute code on the user...

CVSS 7.8 · AI score 7.5 · EPSS 0.00488
Exploits 0 · References 9