51 matches found
CVE-2021-29558 Heap buffer overflow in `SparseSplit`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...
CVE-2021-29559 Heap OOB access in unicode ops
TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in tf.rawops.UnicodeEncode. This is because the...
CVE-2021-29572 Reference binding to nullptr in `SdcaOptimizer`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.SdcaOptimizer triggers undefined behavior due to dereferencing a null pointer. The...
CVE-2021-29575 Overflow/denial of service in `tf.raw_ops.ReverseSequence`
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...
CVE-2021-29525 Division by 0 in `Conv2DBackpropInput`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in tf.rawops.Conv2DBackpropInput. This is because the...
CVE-2021-29529
CVE-2021-29529 affects TensorFlow’s QuantizedResizeBilinear in tf.raw_ops.QuantizedResizeBilinear, where rounding of floating input can cause interpolation bounds to produce an out-of-bounds access, leading to a heap buffer overflow. The vulnerability arises because lower/upper interpolation boun...
CVE-2021-29529 Heap buffer overflow caused by rounding
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in tf.rawops.QuantizedResizeBilinear by manipulating input values so that float rounding results in off-by-one error in accessing image elements. This is because the...
CVE-2021-29538
TensorFlow CVE-2021-29538 concerns a division-by-zero in Conv2DBackpropFilter. The issue arises when shapes are empty, causing work_unit_size to be 0 and a divide operation to throw a runtime error, enabling potential denial-of-service conditions. Concrete details in connected docs specify the af...
CVE-2021-29541 Null pointer dereference in `StringNGrams`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in tf.rawops.StringNGrams. This is because the...
CVE-2021-29548 Division by 0 in `QuantizedBatchNormWithGlobalNormalization`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in tf.rawops.QuantizedBatchNormWithGlobalNormalization. This is because the...
PT-2021-18335 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can trigger a denial of service via a CHECK-fail caused by an integer overflow in...