BIT-TENSORFLOW-2023-25669 TensorFlow has Floating Point Exception in AvgPoolGrad with XLA

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for tf.rawops.AvgPoolGrad, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

BIT-TENSORFLOW-2023-25670 TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

BIT-TENSORFLOW-2023-25671 TensorFlow has segmentation fault in tfg-translate

TensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

BIT-TENSORFLOW-2023-25672 TensorFlow has Null Pointer Error in LookupTableImportV2

TensorFlow is an open source platform for machine learning. The function tf.rawops.LookupTableImportV2 cannot handle scalars in the values parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

BIT-TENSORFLOW-2023-25673 TensorFlow has Floating Point Exception in TensorListSplit with XLA

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

BIT-TENSORFLOW-2023-25674 TensorFlow has Null Pointer Error in RandomShuffle with XLA enable

TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1...

BIT-TENSORFLOW-2023-25675 TensorFlow has Segfault in Bincount with XLA

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...

BIT-TENSORFLOW-2023-25676 TensorFlow has null dereference on ParallelConcat with XLA

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...

BIT-TENSORFLOW-2023-25801 TensorFlow has double free in Fractional(Max/Avg)Pool

TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supporte...

BIT-TENSORFLOW-2023-27579 TensorFlow has Floating Point Exception in TFLite in conv kernel

TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1...

Software vulnerabilities related to application optimization in Intel Optimization for TensorFlow framework, caused by incorrect elimination of special elements in the output data, allow attackers to exploit these vulnerabilities to gain enhanced privileges.

The vulnerability of software for application optimization in Intel Optimization for TensorFlow framework is related to incorrect elimination of certain elements in the output data. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2023-30767

Improper buffer restrictions in IntelR Optimization for TensorFlow before version 2.13.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-30767

Improper buffer restrictions in IntelR Optimization for TensorFlow before version 2.13.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

Buffer overflow

Improper buffer restrictions in IntelR Optimization for TensorFlow before version 2.13.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-30767

Improper buffer restrictions in IntelR Optimization for TensorFlow before version 2.13.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-30767

Improper buffer restrictions in IntelR Optimization for TensorFlow before version 2.13.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-30767

CVE-2023-30767 affects Intel® Optimization for TensorFlow prior to version 2.13.0. The root cause is improper buffer restrictions/bounds checking, which may allow an authenticated local user to escalate privileges. Documented impact includes local elevation of privilege with confidential/integrit...

Intel Optimization for TensorFlow Security Vulnerability

Intel Optimization for Tensorflow is a set of tools and libraries optimized for the TensorFlow framework from Intel Corporation. A security vulnerability exists in Intel Optimization for TensorFlow prior to version 2.13.0, which stems from an improperly restricted buffer and could lead to privile...

PT-2024-1791 · Intel · Intel Optimization For Tensorflow

Name of the Vulnerable Software and Affected Versions: IntelR Optimization for TensorFlow versions prior to 2.13.0 Description: The issue is related to improper buffer restrictions, which may allow an authenticated user to potentially enable escalation of privilege via local access. It is also...

Intel® Optimization for TensorFlow Advisory

Summary: A potential security vulnerability in Intel® Optimization for TensorFlow may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-30767 Description: Improper buffer restrictions in Intel®...