Lucene search
K

8 matches found

CNVD
CNVD
added 2022/11/23 12:0 a.m.27 views

Google TensorFlow Buffer Overflow Vulnerability (CNVD-2022-80683)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a buffer overflow vulnerability that stems from the lack of proper validation of user-supplied data by Bcast::ToShape, which can be exploited by an attacker to cau...

7.5CVSS7.6AI score0.00439EPSS
Exploits1References1
Veracode
Veracode
added 2022/11/22 10:12 a.m.25 views

Denial Of Service (DoS)

Tensorflow is vulnerable to denial of service. The vulnerability exists because the input size of BCast::ToShape is not properly handled which allows an attacker to crash the application by sending inputs larger than int32...

7.5CVSS7.3AI score0.00439EPSS
Exploits1References6Affected Software3
Github Security Blog
Github Security Blog
added 2022/11/21 8:42 p.m.29 views

`CHECK` fail in `BCast` overflow

Impact If BCast::ToShape is given input larger than an int32, it will crash, despite being supposed to handle up to an int64. An example can be seen in tf.experimental.numpy.outer by passing in large input to the input b. python import tensorflow as tf value = tf.constantshape=2, 1024, 1024, 1024...

7.5CVSS7.5AI score0.00439EPSS
Exploits1References5Affected Software3
Snyk
Snyk
added 2022/11/20 9:8 a.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when BCast::ToShape is given input larger than an int32, even if it is being supposed to handle up to an int64. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible...

7.5CVSS7AI score0.00439EPSS
Exploits1References2
NVD
NVD
added 2022/11/18 10:15 p.m.22 views

CVE-2022-41890

TensorFlow is an open source platform for machine learning. If BCast::ToShape is given input larger than an int32, it will crash, despite being supposed to handle up to an int64. An example can be seen in tf.experimental.numpy.outer by passing in large input to the input b. We have patched the...

7.5CVSS0.00439EPSS
Exploits1References3
Prion
Prion
added 2022/11/18 10:15 p.m.24 views

Design/Logic Flaw

TensorFlow is an open source platform for machine learning. If BCast::ToShape is given input larger than an int32, it will crash, despite being supposed to handle up to an int64. An example can be seen in tf.experimental.numpy.outer by passing in large input to the input b. We have patched the...

5CVSS7.9AI score0.00439EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/11/18 12:0 a.m.25 views

CVE-2022-41890 `CHECK` fail in `BCast` overflow in Tensorflow

TensorFlow is an open source platform for machine learning. If BCast::ToShape is given input larger than an int32, it will crash, despite being supposed to handle up to an int64. An example can be seen in tf.experimental.numpy.outer by passing in large input to the input b. We have patched the...

4.8CVSS7.7AI score0.00439EPSS
Exploits1References5
CVE
CVE
added 2022/11/18 12:0 a.m.109 views

CVE-2022-41890

CVE-2022-41890 (TensorFlow) : A bug in BCast::ToShape can crash TensorFlow when given input larger than int32, despite intended int64 support. A GitHub commit (8310bf8dd188ff780e7fc53245058215a05bdbe5) patches the issue; the fix will be in TensorFlow 2.11 and will be cherry-picked to 2.10.1, 2.9....

7.5CVSS6.2AI score0.00439EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder