76 matches found
CVE-2021-41218
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for AllToAll can be made to execute a division by 0. This occurs whenever the splitcount argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on...
CVE-2021-41206
CVE-2021-41206 is described across multiple connected sources as a TensorFlow issue where several TF ops fail to validate the shapes of tensor arguments, potentially causing undefined behavior, crashes (segfaults or CHECK failures), and heap-related reads/writes. The issue affects TensorFlow’s co...
CVE-2021-41207 Division by zero in `ParallelConcat`
TensorFlow is an open source platform for machine learning. In affected versions the implementation of ParallelConcat misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow...
CVE-2021-41207
TensorFlow ParallelConcat vulnerability (CVE-2021-41207) arises from insufficient input validation in the ParallelConcat implementation, which can lead to a division by zero in affected TensorFlow versions. The issue affects multiple releases and is slated to be fixed in TensorFlow 2.7.0; Sony ch...
CVE-2021-41209
CVE-2021-41209 affects TensorFlow: in affected versions, convolution operator implementations may trigger a division by zero when given empty filter tensor arguments. The issue is fixed in TensorFlow 2.7.0, with cherry-picks to 2.6.1, 2.5.2, and 2.4.4 in scope. Affected products/versions include ...
CVE-2021-41205
TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the QuantizeAndDequantizeV operations can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit ...
PYSEC-2021-415
TensorFlow is an open source platform for machine learning. In affected versions the implementation of FusedBatchNorm kernels is vulnerable to a heap OOB access. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow...
Null pointer dereference
TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in th...
Heap overflow
TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to nullptr. This occurs whenever the dimensions of a or b are 0 or less. In the case on one of these is 0, an empt...
PYSEC-2021-624
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for DeserializeSparse can trigger a null pointer dereference. This is because the shape inference function assumes that the serializesparse tensor is a tensor with positive rank and having 3 ...
PYSEC-2021-821
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for tf.ragged.cross has an undefined behavior due to binding a reference to nullptr. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...
PYSEC-2021-396
TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and CHECK-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure ...
PYSEC-2021-821
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for tf.ragged.cross has an undefined behavior due to binding a reference to nullptr. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1,...
CVE-2021-41215 Null pointer exception in `DeserializeSparse`
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for DeserializeSparse can trigger a null pointer dereference. This is because the shape inference function assumes that the serializesparse tensor is a tensor with positive rank and having 3 ...
CVE-2021-41215
CVE-2021-41215 affects TensorFlow: the shape inference for DeserializeSparse can trigger a null pointer dereference when the serialize_sparse tensor has positive rank (last dimension 3). A fix is available in TensorFlow 2.7.0, with cherry-picks for 2.6.1, 2.5.2, and 2.4.4. Remediation: upgrade to...
CVE-2021-41214
CVE-2021-41214 affects TensorFlow’s ragged.cross shape inference: binding a reference to nullptr causes undefined behavior. A fix is planned for TensorFlow 2.7.0, with cherry-picks to 2.6.1, 2.5.2, and 2.4.4 (still in supported range). Implication: vulnerable versions may crash or behave unexpect...
CVE-2021-41204 Segfault while copying constant resource tensor
TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. The fix will be included in...
CVE-2021-41204
CVE-2021-41204 concerns TensorFlow. In affected builds, during Grappler optimizer constant folding, a deep copy of a resource tensor may be attempted, causing a segfault because such tensors should not change. The issue is addressed with a fix in TensorFlow 2.7.0, and a cherry-pick was applied to...
CVE-2021-41223
TensorFlow is an open source platform for machine learning. In affected versions the implementation of FusedBatchNorm kernels is vulnerable to a heap OOB access. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow...
CVE-2021-41201
TensorFlow is an open source platform for machine learning. In affeced versions during execution, EinsumHelper::ParseEquation is supposed to set the flags in inputhasellipsis vector and outputhasellipsis boolean to indicate whether there is ellipsis in the corresponding inputs and output. However...