14329 matches found
Stack overflow
TensorFlow is an open source platform for machine learning. If EmptyTensorList receives an input elementshape with more than one dimension, it gives a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
Stack overflow
TensorFlow is an open source platform for machine learning. When Conv2DBackpropInput receives empty outbackprop inputs e.g. 3, 1, 0, 1, the current CPU/GPU kernels CHECK fail one with dnnl, the other with cudnn. This can be used to trigger a denial of service attack. We have patched the issue in...
Stack overflow
TensorFlow is an open source platform for machine learning. When Unbatch receives a nonscalar input id, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 4419d10d576adefa36b0e0a9425d2569f7c0189f. The fix will be included in TensorFlow...
Stack overflow
TensorFlow is an open source platform for machine learning. When RandomPoissonV2 receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix will be included i...
Stack overflow
TensorFlow is an open source platform for machine learning. When SetSize receives an input setshape that is not a 1D tensor, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit cf70b79d2662c0d3c6af74583641e345fc939467. The fix...
Stack overflow
TensorFlow is an open source platform for machine learning. When CollectiveGather receives an scalar input input, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c1f491817dec39a26be3c574e86a88c30f3c4770. The fix will be...
Stack overflow
TensorFlow is an open source platform for machine learning. When DrawBoundingBoxes receives an input boxes that is not of dtype float, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit da0d65cdc1270038e72157ba35bf74b85d9bda11. The fix wi...
Stack overflow
TensorFlow is an open source platform for machine learning. If Requantize is given inputmin, inputmax, requestedoutputmin, requestedoutputmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-36015 Integer overflow in math ops in TensorFlow
TensorFlow is an open source platform for machine learning. When RangeSize receives values that do not fit into an int64t, it crashes. We have patched the issue in GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this...
CVE-2022-36015 Integer overflow in math ops in TensorFlow
TensorFlow is an open source platform for machine learning. When RangeSize receives values that do not fit into an int64t, it crashes. We have patched the issue in GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this...
CVE-2022-36015 Integer overflow in math ops in TensorFlow
TensorFlow is an open source platform for machine learning. When RangeSize receives values that do not fit into an int64t, it crashes. We have patched the issue in GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this...
CVE-2022-36015
TensorFlow CVE-2022-36015 describes an integer overflow in RangeSize: if the range value cannot fit in int64_t, the operation crashes. The issue is fixed in commit 37e64539cd29fcfb814c4451152a60f5d107b0f0 and will be included in TensorFlow 2.10.0; it will also be cherry-picked to TensorFlow 2.9.1...
CVE-2022-36015
TensorFlow is an open source platform for machine learning. When RangeSize receives values that do not fit into an int64t, it crashes. We have patched the issue in GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this...
CVE-2022-36012
TensorFlow vulnerability CVE-2022-36012: when mlir::tfg::ConvertGenericFunctionToFunctionDef processes empty function attributes, TensorFlow crashes. A patch (commit ad069af92392efee1418c48ff561fd3070a03d7b) fixes the issue and will be included in TensorFlow 2.10.0, with cherry-picks to 2.9.1, 2....
CVE-2022-36012 Assertion fail on MLIR empty edge names in TensorFlow
TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. We have patched the issue in GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b. The fix will be included in TensorFlow 2.10.0. We wi...
CVE-2022-36012
TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. We have patched the issue in GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b. The fix will be included in TensorFlow 2.10.0. We wi...
CVE-2022-36012 Assertion fail on MLIR empty edge names in TensorFlow
TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. We have patched the issue in GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b. The fix will be included in TensorFlow 2.10.0. We wi...
CVE-2022-35996
TensorFlow’s CVE-2022-35996 describes a DoS due to a division-by-zero in Conv2D when given an empty input with valid filter/padding, producing all-zeros output. The issue was patched in the GitHub commit 611d80db29dd7b0cfb755772c69d60ae5bca05f9, and the fix is scheduled for TensorFlow 2.10.0. Mai...
CVE-2022-35996 Floating point exception in `Conv2D` in TensorFlow
TensorFlow is an open source platform for machine learning. If Conv2D is given empty input and the filter and padding sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack. We have patched the issue ...
CVE-2022-35996 Floating point exception in `Conv2D` in TensorFlow
TensorFlow is an open source platform for machine learning. If Conv2D is given empty input and the filter and padding sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack. We have patched the issue ...