Google TensorFlow SparseDenseCwiseMul Heap Out-of-Bounds Access Vulnerability

Google TensorFlow is an end-to-end open source machine learning platform. A heap out-of-bounds access vulnerability exists in Google TensorFlow SparseDenseCwiseMul. An attacker can exploit the vulnerability by passing an invalid parameter to "tf.raw\u ops.backpropinput" to write outside the...

CVE-2021-29567

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.SparseDenseCwiseMul, an attacker can trigger denial of service via CHECK-fails or accesses to outside the bounds of heap allocated data. Since the...

PYSEC-2021-693

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.SparseDenseCwiseMul, an attacker can trigger denial of service via CHECK-fails or accesses to outside the bounds of heap allocated data. Since the...

PYSEC-2021-495

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.SparseDenseCwiseMul, an attacker can trigger denial of service via CHECK-fails or accesses to outside the bounds of heap allocated data. Since the...

PYSEC-2021-693

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.SparseDenseCwiseMul, an attacker can trigger denial of service via CHECK-fails or accesses to outside the bounds of heap allocated data. Since the...

Out-of-bounds

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.SparseDenseCwiseMul, an attacker can trigger denial of service via CHECK-fails or accesses to outside the bounds of heap allocated data. Since the...

PYSEC-2021-204

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.SparseDenseCwiseMul, an attacker can trigger denial of service via CHECK-fails or accesses to outside the bounds of heap allocated data. Since the...

CVE-2021-29567 Lack of validation in `SparseDenseCwiseMul`

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.SparseDenseCwiseMul, an attacker can trigger denial of service via CHECK-fails or accesses to outside the bounds of heap allocated data. Since the...

Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source machine learning platform. A denial of service vulnerability exists in Google TensorFlow SparseDenseCwiseMul. The vulnerability stems from a lack of authentication in tf.rawops.SparseDenseCwiseMul. An attacker can exploit the vulnerability to cause...

PT-2021-18318 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: The issue is due to a lack of validation i...