213 matches found
Division by zero in TFLite's implementation of `SpaceToBatchNd`
Impact The implementation of the SpaceToBatchNd TFLite operator is vulnerable to a division by zero error: cc TFLITEENSUREEQcontext, finaldimsize % blockshapedim, 0; outputsize-datadim + 1 = finaldimsize / blockshapedim; An attacker can craft a model such that one dimension of the block input is ...
Division by zero in TFLite's implementation of `DepthToSpace`
Impact The implementation of the DepthToSpace TFLite operator is vulnerable to a division by zero error: cc const int blocksize = params-blocksize; ... const int inputchannels = input-dims-data3; ... int outputchannels = inputchannels / blocksize / blocksize; An attacker can craft a model such th...
Division by zero in TFLite's convolution code
Impact TFLite's convolution code has multiple division where the divisor is controlled by the user and not checked to be non-zero. For example: cc const int inputsize = NumElementsinput / SizeOfDimensioninput, 0; Patches We have patched the issue in GitHub commit...
Division by zero in TFLite's implementation of `BatchToSpaceNd`
Impact The implementation of the BatchToSpaceNd TFLite operator is vulnerable to a division by zero error: cc TFLITEENSUREEQcontext, outputbatchsize % blockshapedim, 0; outputbatchsize = outputbatchsize / blockshapedim; An attacker can craft a model such that one dimension of the block input is 0...
Null pointer dereference in TFLite's `Reshape` operator
Impact The fix for CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the vulnerability allowed passing a null-buffer-backed tensor with a 1D shape: cc if tensor-data.raw == nullptr && tensor-bytes 0 if...
GHSA-24X6-8C7M-HV3F Heap OOB read in TFLite's implementation of `Minimum` or `Maximum`
Impact The implementations of the Minimum and Maximum TFLite operators can be used to read data outside of bounds of heap allocated objects, if any of the two input tensor arguments are empty. This is because the broadcasting implementation indexes in both tensors with the same index but does not...
Division by zero in TFLite's implementation of `TransposeConv`
Impact The optimized implementation of the TransposeConv TFLite operator is vulnerable to a division by zero error: cc int heightcol = height + padt + padb - filterh / strideh + 1; int widthcol = width + padl + padr - filterw / stridew + 1; An attacker can craft a model such that strideh,w values...
GHSA-26J7-6W8W-7922 Division by zero in optimized pooling implementations in TFLite
Impact Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling ComputePaddingHeightWidth. Since users can craft special models which will have params-strideheight,width be zero, this will result in a division by zero. Patches We have patched th...
Overflow/denial of service in `tf.raw_ops.ReverseSequence`
Impact The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. python import tensorflow as tf input = tf.zeros1, 1, 1, dtype=tf.int32 seqlengths = tf.constant0, shape=1, dtype=tf.int32 tf.rawops.ReverseSequence input=input,...
Undefined behavior in `MaxPool3DGradGrad`
Impact The implementation of tf.rawops.MaxPool3DGradGrad exhibits undefined behavior by dereferencing null pointers backing attacker-supplied empty tensors: python import tensorflow as tf originput = tf.constant0.0, shape=1, 1, 1, 1, 1, dtype=tf.float32 origoutput = tf.constant0.0, shape=1, 1, 1,...
Division by 0 in `MaxPoolGradWithArgmax`
Impact The implementation of tf.rawops.MaxPoolGradWithArgmax is vulnerable to a division by 0: python import tensorflow as tf input = tf.constant, shape=0, 0, 0, 0, dtype=tf.float32 grad = tf.constant, shape=0, 0, 0, 0, dtype=tf.float32 argmax = tf.constant, shape=0, dtype=tf.int64 ksize = 1, 1, ...
Reference binding to nullptr in `SdcaOptimizer`
Impact The implementation of tf.rawops.SdcaOptimizer triggers undefined behavior due to dereferencing a null pointer: python import tensorflow as tf sparseexampleindices = tf.constant0, dtype=tf.int64, tf.constant0, dtype=tf.int64 sparsefeatureindices = tf.constant, shape=0, 0, 0, 0,...
Heap out of bounds read in `MaxPoolGradWithArgmax`
Impact The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs: python import tensorflow as tf input = tf.constant10.0, 10.0, 10.0, shape=1, 1, 3, 1, dtype=tf.float32 grad = tf.constant10.0, 10.0,...
Reference binding to null in `ParameterizedTruncatedNormal`
Impact An attacker can trigger undefined behavior by binding to null pointer in tf.rawops.ParameterizedTruncatedNormal: python import tensorflow as tf shape = tf.constant, shape=0, dtype=tf.int32 means = tf.constant1, dtype=tf.float32 stdevs = tf.constant1, dtype=tf.float32 minvals = tf.constant1...
GHSA-36VM-XW34-X4PJ CHECK-fail in `tf.raw_ops.IRFFT`
Impact An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.IRFFT: python import tensorflow as tf values = -10.0 130 values0 = -9.999999999999995 inputs = tf.constantvalues, shape=10, 13, dtype=tf.float32 inputs = tf.castinputs,...
Heap OOB access in unicode ops
Impact An attacker can access data outside of bounds of heap allocated array in tf.rawops.UnicodeEncode: python import tensorflow as tf inputvalues = tf.constant58, shape=1, dtype=tf.int32 inputsplits = tf.constant81, 101, 0, shape=3, dtype=tf.int32 outputencoding = "UTF-8" tf.rawops.UnicodeEncod...
Division by 0 in `FusedBatchNorm`
Impact An attacker can cause a denial of service via a FPE runtime error in tf.rawops.FusedBatchNorm: python import tensorflow as tf x = tf.constant, shape=1, 1, 1, 0, dtype=tf.float32 scale = tf.constant, shape=0, dtype=tf.float32 offset = tf.constant, shape=0, dtype=tf.float32 mean = tf.constan...
Division by 0 in `DenseCountSparseOutput`
Impact An attacker can cause a denial of service via a FPE runtime error in tf.rawops.DenseCountSparseOutput: python import tensorflow as tf values = tf.constant, shape=0, 0, dtype=tf.int64 weights = tf.constant tf.rawops.DenseCountSparseOutput values=values, weights=weights, minlength=-1,...
OOB read in `MatrixTriangularSolve`
Impact The implementation of MatrixTriangularSolve fails to terminate kernel execution if one validation condition fails: cc void ValidateInputTensorsOpKernelContext ctx, const Tensor& in0, const Tensor& in1 override OPREQUIRES ctx, in0.dims = 2, errors::InvalidArgument"In0 ndims must be = 2: ",...
Division by 0 in `QuantizedBatchNormWithGlobalNormalization`
Impact An attacker can cause a runtime division by zero error and denial of service in tf.rawops.QuantizedBatchNormWithGlobalNormalization: python import tensorflow as tf t = tf.constant, shape=0, 0, 0, 0, dtype=tf.quint8 tmin = tf.constant-10.0, dtype=tf.float32 tmax = tf.constant-10.0,...