7041 matches found
F5 Networks BIG-IP : GNU C Library vulnerability (K64119434)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K64119434 advisory. In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. The vulnerability exists in ImportNodes in functiondefimport.cc because the assertion fails on MLIR when empty edge names are given which causes an application crash...
GSD-2022-1006245 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.291 by commit...
GSD-2022-1006142 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.256 by commit...
GSD-2022-1005839 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...
GSD-2022-1005581 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...
PT-2022-33839 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: The issue is related to a potential security vulnerability in the jbd2 module of the Linux Kernel. The problem arises when a journal is aborted, leading to an assertion failure. The actual...
GSD-2022-1005229 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted
jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...
CVE-2022-36012 Assertion fail on MLIR empty edge names in TensorFlow
TensorFlow is an open source platform for machine learning. When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. We have patched the issue in GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b. The fix will be included in TensorFlow 2.10.0. We wi...
CVE-2022-40755
JasPer 3.0.6 allows denial of service via a reachable assertion in the function inttobits in libjasper/base/jasimage.c...
GHSA-JVHC-5HHR-W3V5 TensorFlow vulnerable to assertion fail on MLIR empty edge names
Impact When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. cpp // We pre-allocate the array of operands and populate it using the // outputnametoposition and controloutputtoposition populated // previously. SmallVector retvalsfunc.retsize +...
TensorFlow vulnerable to assertion fail on MLIR empty edge names
Impact When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. cpp // We pre-allocate the array of operands and populate it using the // outputnametoposition and controloutputtoposition populated // previously. SmallVector retvalsfunc.retsize +...
GHSA-F4W6-H4F5-WX45 TensorFlow vulnerable to `CHECK` failure in tf.reshape via overflows
Impact The implementation of tf.reshape op in TensorFlow is vulnerable to a denial of service via CHECK-failure assertion failure caused by overflowing the number of elements in a tensor: python import tensorflow as tf tf.reshapetensor=1,shape=tf.constant0 for i in range255, dtype=tf.int64 This i...
GHSA-97P7-W86H-VCF9 TensorFlow vulnerable to `CHECK` failure in `SobolSample` via missing validation
Impact The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure assertion failure caused by assuming input0, input1, and input2 to be scalar. python import tensorflow as tf tf.rawops.SobolSampledim=tf.constant1,0, numresults=tf.constant1, skip=tf.constant1 Patche...
TensorFlow vulnerable to `CHECK` failure in `SobolSample` via missing validation
Impact The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure assertion failure caused by assuming input0, input1, and input2 to be scalar. python import tensorflow as tf tf.rawops.SobolSampledim=tf.constant1,0, numresults=tf.constant1, skip=tf.constant1 Patche...
CVE-2022-35935 `CHECK` failure in `SobolSample` via missing validation in TensorFlow
TensorFlow is an open source platform for machine learning. The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure assertion failure caused by assuming input0, input1, and input2 to be scalar. This issue has been patched in GitHub commit...
CVE-2022-35935 `CHECK` failure in `SobolSample` via missing validation in TensorFlow
TensorFlow is an open source platform for machine learning. The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure assertion failure caused by assuming input0, input1, and input2 to be scalar. This issue has been patched in GitHub commit...
CVE-2022-35934
TensorFlow is an open source platform for machine learning. The implementation of tf.reshape op in TensorFlow is vulnerable to a denial of service via CHECK-failure assertion failure caused by overflowing the number of elements in a tensor. This issue has been patched in GitHub commit...
Google TensorFlow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow, which stems from an assertion failure in the GPU kernel when MaxPool receives a window-sized input array ksize with a...
Google TensorFlow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow, which stems from a denial-of-service attack triggered by an assertion failure given when tf.random.gamma receives a...