22 matches found
kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq
in linux kernel, shift undefined behavior occurs in bnxtqpliballocinithwq with hwqattr-auxdepth of nonzero and hwqattr-auxstride of zero...
kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq
in linux kernel, shift undefined behavior occurs in bnxtqpliballocinithwq with hwqattr-auxdepth of nonzero and hwqattr-auxstride of zero...
DEBIAN-CVE-2024-38540
In the Linux kernel, the following vulnerability has been resolved: bnxtre: avoid shift undefined behavior in bnxtqpliballocinithwq Undefined behavior is triggered when bnxtqpliballocinithwq is called with hwqattr-auxdepth != 0 and hwqattr-auxstride == 0. In that case,...
PT-2024-28063
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.9.0-rc6+ Description A vulnerability in the Linux kernel has been resolved, specifically in the bnxt re module. The issue is related to undefined behavior when the bnxt qplib alloc init hwq function is called...
GHSA-F637-VH3R-VFH2 TensorFlow has Floating Point Exception in AudioSpectrogram
Impact version:2.11.0 //core/ops/audioops.cc:70 Status SpectrogramShapeFnInferenceContext c ShapeHandle input; TFRETURNIFERRORc-WithRankc-input0, 2, &input; int32t windowsize; TFRETURNIFERRORc-GetAttr"windowsize", &windowsize; int32t stride; TFRETURNIFERRORc-GetAttr"stride", &stride; .....1...
PT-2023-20227 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.12.0 and 2.11.1 Description: The issue is related to a floating point exception in the AudioSpectrogram function. The exception occurs when the stride is set to 0. This can be exploited by passing a stride value...
SUSE CVE-2021-29585
TensorFlow is an end-to-end open source platform for machine learning. The TFLite computation for size of output after padding, ComputeOutSizehttps://github.com/tensorflow/tensorflow/blob/0c9692ae7b1671c983569e5d3de5565843d500cf/tensorflow/lite/kernels/padding.hL43-L55, does not check that the...
SUSE CVE-2021-29586
TensorFlow is an end-to-end open source platform for machine learning. Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling...
SUSE CVE-2021-29588
TensorFlow is an end-to-end open source platform for machine learning. The optimized implementation of the TransposeConv TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that strideh,w values are 0. Code calling this function must validate these...
GHSA-V3F7-J968-4H5F Division by zero in Tensorflow
Impact The estimator for the cost of some convolution operations can be made to execute a division by 0: python import tensorflow as tf @tf.function def test: y=tf.rawops.AvgPoolGrad originputshape=1,1,1,1, grad=1.0,1.0,1.0,2.0,2.0,2.0,3.0,3.0,3.0, ksize=1,1,1,1, strides=1,1,1,0, padding='VALID',...
GHSA-VFR4-X8J2-3RF9 Division by zero in TFLite's implementation of `TransposeConv`
Impact The optimized implementation of the TransposeConv TFLite operator is vulnerable to a division by zero error: cc int heightcol = height + padt + padb - filterh / strideh + 1; int widthcol = width + padl + padr - filterw / stridew + 1; An attacker can craft a model such that strideh,w values...
GHSA-26J7-6W8W-7922 Division by zero in optimized pooling implementations in TFLite
Impact Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling ComputePaddingHeightWidth. Since users can craft special models which will have params-strideheight,width be zero, this will result in a division by zero. Patches We have patched th...
PYSEC-2021-711
TensorFlow is an end-to-end open source platform for machine learning. The TFLite computation for size of output after padding, ComputeOutSizehttps://github.com/tensorflow/tensorflow/blob/0c9692ae7b1671c983569e5d3de5565843d500cf/tensorflow/lite/kernels/padding.hL43-L55, does not check that the...
PYSEC-2021-516
TensorFlow is an end-to-end open source platform for machine learning. The optimized implementation of the TransposeConv TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that strideh,w values are 0. Code calling this function must validate these...
PYSEC-2021-225
TensorFlow is an end-to-end open source platform for machine learning. The optimized implementation of the TransposeConv TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that strideh,w values are 0. Code calling this function must validate these...
PYSEC-2021-222
TensorFlow is an end-to-end open source platform for machine learning. The TFLite computation for size of output after padding, ComputeOutSizehttps://github.com/tensorflow/tensorflow/blob/0c9692ae7b1671c983569e5d3de5565843d500cf/tensorflow/lite/kernels/padding.hL43-L55, does not check that the...
PYSEC-2021-222
TensorFlow is an end-to-end open source platform for machine learning. The TFLite computation for size of output after padding, ComputeOutSizehttps://github.com/tensorflow/tensorflow/blob/0c9692ae7b1671c983569e5d3de5565843d500cf/tensorflow/lite/kernels/padding.hL43-L55, does not check that the...
PYSEC-2021-711
TensorFlow is an end-to-end open source platform for machine learning. The TFLite computation for size of output after padding, ComputeOutSizehttps://github.com/tensorflow/tensorflow/blob/0c9692ae7b1671c983569e5d3de5565843d500cf/tensorflow/lite/kernels/padding.hL43-L55, does not check that the...
PYSEC-2021-714
TensorFlow is an end-to-end open source platform for machine learning. The optimized implementation of the TransposeConv TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that strideh,w values are 0. Code calling this function must validate these...
PYSEC-2021-225
TensorFlow is an end-to-end open source platform for machine learning. The optimized implementation of the TransposeConv TFLite operator is vulnerable to a division by zero error. An attacker can craft a model such that strideh,w values are 0. Code calling this function must validate these...