54 matches found
CVE-2022-21741 Division by zero in TFLite
Tensorflow is an Open Source Machine Learning Framework. Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to...
CVE-2021-37691 Division by zero in LSH in TensorFlow Lite
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a division by zero error in LSH implementation. We have patched the issue in GitHub commit 0575b640091680cfb70f4dd93e70658de43b94f9. The fix will be...
CVE-2021-37691
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a division by zero error in LSH implementation. We have patched the issue in GitHub commit 0575b640091680cfb70f4dd93e70658de43b94f9. The fix will be...
CVE-2021-37688
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The implementation unconditionally dereferences a pointer. We have...
PYSEC-2021-799
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The implementation unconditionally dereferences a pointer. We have...
PYSEC-2021-602
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. This is caused by the MLIR optimization of L2NormalizeReduceAxis...
CVE-2021-37688
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The implementation unconditionally dereferences a pointer. We have...
PT-2021-21807 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: An attacker can craft a TFLite model that would trigger a null pointer...
Heap overflow
TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of...
PYSEC-2021-531
TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB write on heap in the TFLite implementation of...
PYSEC-2021-732
TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of...
CVE-2020-15209
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...
CVE-2020-15209
Observation: CVE-2020-15209 affects TensorFlow Lite. A crafted TFLite flatbuffer can flip a tensor’s buffer index, turning a read-only tensor into read-write, which the runtime may treat as writable and initialize with a null buffer, causing a null pointer dereference. The issue has a concrete ro...
PT-2020-14281 · Google +1 · Tensorflow +1
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.4 TensorFlow versions prior to 2.0.3 TensorFlow versions prior to 2.1.2 TensorFlow versions prior to 2.2.1 TensorFlow versions prior to 2.3.1 Description: If a TFLite saved model uses the same tensor as both...