BIT-TENSORFLOW-2021-29567 Lack of validation in `SparseDenseCwiseMul`

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.SparseDenseCwiseMul, an attacker can trigger denial of service via CHECK-fails or accesses to outside the bounds of heap allocated data. Since the...

BIT-TENSORFLOW-2021-29568 Reference binding to null in `ParameterizedTruncatedNormal`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in tf.rawops.ParameterizedTruncatedNormal. This is because the...

BIT-TENSORFLOW-2021-29569 Heap out of bounds read in `RequantizationRange`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

BIT-TENSORFLOW-2021-29570 Heap out of bounds read in `MaxPoolGradWithArgmax`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

BIT-TENSORFLOW-2021-29571 Memory corruption in `DrawBoundingBoxesV2`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

BIT-TENSORFLOW-2021-29572 Reference binding to nullptr in `SdcaOptimizer`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.SdcaOptimizer triggers undefined behavior due to dereferencing a null pointer. The...

BIT-TENSORFLOW-2021-29573 Division by 0 in `MaxPoolGradWithArgmax`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax is vulnerable to a division by 0. The...

BIT-TENSORFLOW-2021-29574 Undefined behavior in `MaxPool3DGradGrad`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPool3DGradGrad exhibits undefined behavior by dereferencing null pointers backing attacker-supplied empty tensors. The...

BIT-TENSORFLOW-2021-29575 Overflow/denial of service in `tf.raw_ops.ReverseSequence`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...

BIT-TENSORFLOW-2021-29576 Heap buffer overflow in `MaxPool3DGradGrad`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPool3DGradGrad is vulnerable to a heap buffer overflow. The...

BIT-TENSORFLOW-2021-29577 Heap buffer overflow in `AvgPool3DGrad`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.AvgPool3DGrad is vulnerable to a heap buffer overflow. The...

BIT-TENSORFLOW-2021-29578 Heap buffer overflow in `FractionalAvgPoolGrad`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalAvgPoolGrad is vulnerable to a heap buffer overflow. The...

BIT-TENSORFLOW-2021-29579 Heap buffer overflow in `MaxPoolGrad`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGrad is vulnerable to a heap buffer overflow. The...

BIT-TENSORFLOW-2021-29580 Undefined behavior and `CHECK`-fail in `FractionalMaxPoolGrad`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalMaxPoolGrad triggers an undefined behavior if one of the input tensors is empty. The code is also vulnerable to a denial of service attack as a CHECK condition becomes false and aborts...

BIT-TENSORFLOW-2021-29581 Segfault in `CTCBeamSearchDecoder`

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.CTCBeamSearchDecoder, an attacker can trigger denial of service via segmentation faults. The...

BIT-TENSORFLOW-2021-29582 Heap OOB read in `tf.raw_ops.Dequantize`

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.Dequantize, an attacker can trigger a read from outside of bounds of heap allocated data. The...

BIT-TENSORFLOW-2021-29583 Heap buffer overflow and undefined behavior in `FusedBatchNorm`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FusedBatchNorm is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The...

BIT-TENSORFLOW-2021-29584 CHECK-fail due to integer overflow

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in caused by an integer overflow in constructing a new tensor shape. This is because the...

BIT-TENSORFLOW-2021-29585 Division by zero in padding computation in TFLite

TensorFlow is an end-to-end open source platform for machine learning. The TFLite computation for size of output after padding, ComputeOutSizehttps://github.com/tensorflow/tensorflow/blob/0c9692ae7b1671c983569e5d3de5565843d500cf/tensorflow/lite/kernels/padding.hL43-L55, does not check that the...

BIT-TENSORFLOW-2021-29586 Division by zero in optimized pooling implementations in TFLite

TensorFlow is an end-to-end open source platform for machine learning. Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling...