Lucene search
K

34 matches found

Github Security Blog
Github Security Blog
added 2022/09/16 10:31 p.m.57 views

TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices`

Impact If Save or SaveSlices is run over tensors of an unsupported dtype, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf filename = tf.constant"" tensornames = tf.constant"" Save data = tf.casttf.random.uniformshape=1,...

7.5CVSS7.5AI score0.00396EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:30 p.m.38 views

TensorFlow vulnerable to `CHECK` fail in `ParameterizedTruncatedNormal`

Impact ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf seed = 1618 seed2 = 0 shape = tf.random.uniformshape=3, minval=-10000,...

7.5CVSS7.4AI score0.00396EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:29 p.m.33 views

TensorFlow vulnerable to `CHECK` fail in `LRNGrad`

Impact If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf depthradius = 1 bias = 1.59018219 alpha = 0.117728651 beta = 0.404427052 inputgrads = tf.random.uniformshape=4,...

7.5CVSS7.4AI score0.00396EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:29 p.m.28 views

TensorFlow vulnerable to segfault in `RaggedBincount`

Impact If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf binaryoutput = True splits = tf.random.uniformshape=0, minval=-10000, maxval=10000, dtype=tf.int64, seed=-7430 values =...

7.5CVSS7.4AI score0.00423EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/09/16 10:27 p.m.29 views

TensorFlow vulnerable to segfault in `SparseBincount`

Impact If SparseBincount is given inputs for indices, values, and denseshape that do not make a valid sparse tensor, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf binaryoutput = True indices = tf.random.uniformshape=, minval=-10000...

7.5CVSS7.4AI score0.00423EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:26 p.m.27 views

TensorFlow vulnerable to `CHECK` fail in `FractionalMaxPoolGrad`

Impact FractionalMaxPoolGrad validates its inputs with CHECK failures instead of with returning errors. If it gets incorrectly sized inputs, the CHECK failure can be used to trigger a denial of service attack: python import tensorflow as tf overlapping = True originput = tf.constant.453409232,...

7.5CVSS7.4AI score0.00396EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:23 p.m.34 views

TensorFlow vulnerable to segfault in `QuantizeDownAndShrinkRange`

Impact If QuantizeDownAndShrinkRange is given nonscalar inputs for inputmin or inputmax, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.quint8 input = tf.constant1, shape=3, dtype=tf.qint32 inputmin = tf.constant,...

7.5CVSS7.5AI score0.00423EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:22 p.m.26 views

TensorFlow vulnerable to segfault in `QuantizedMatMul`

Impact If QuantizedMatMul is given nonscalar input for: - mina - maxa - minb - maxb It gives a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf Toutput = tf.qint32 transposea = False transposeb = False Tactivation = tf.quint8 a = tf.constant7,...

7.5CVSS7.4AI score0.00423EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:20 p.m.39 views

TensorFlow vulnerable to segfault in `QuantizedBiasAdd`

Impact If QuantizedBiasAdd is given mininput, maxinput, minbias, maxbias tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.qint32 input = tf.constant85,170,255, shape=3, dtype=tf.quint8 bias =...

7.5CVSS7.2AI score0.00409EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:20 p.m.31 views

TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVars`

Impact If FakeQuantWithMinMaxVars is given min or max tensors of a nonzero rank, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf numbits = 8 narrowrange = False inputs = tf.constant0, shape=2,3, dtype=tf.float32 min = tf.constant0,...

7.5CVSS7.5AI score0.00383EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:17 p.m.24 views

TensorFlow vulnerable to segfault in `QuantizedInstanceNorm`

Impact If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outputrangegiven = False givenymin = 0 givenymax = 0 varianceepsilon = 1e-05 minseparation = 0.001 x =...

7.5CVSS7.5AI score0.00423EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:16 p.m.32 views

TensorFlow vulnerable to `CHECK` fail in `AvgPoolGrad`

Impact The implementation of AvgPoolGrad does not fully validate the input originputshape. This results in a CHECK failure which can be used to trigger a denial of service attack: python import tensorflow as tf ksize = 1, 2, 2, 1 strides = 1, 2, 2, 1 padding = "VALID" dataformat = "NHWC"...

7.5CVSS7.4AI score0.00396EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:15 p.m.39 views

TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannelGradient`

Impact When tf.quantization.fakequantwithminmaxvarsperchannelgradient receives input min or max of rank other than 1, it gives a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=1,1, dtype=tf.float32, maxval=None...

7.5CVSS7.5AI score0.00383EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:14 p.m.34 views

TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`

Impact If LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.int32 sortedinputs = tf.constant, shape=10,0, dtype=tf.float32...

7.5CVSS7.5AI score0.00383EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 10:11 p.m.39 views

TensorFlow vulnerable to `CHECK` failures in `AvgPool3DGrad`

Impact The implementation of AvgPool3DGradOp does not fully validate the input originputshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack: python import tensorflow as tf ksize = 1, 1, 1, 1, 1 strides = 1, 1, 1, 1, 1 padding ...

7.5CVSS7.6AI score0.00383EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 9:57 p.m.31 views

TensorFlow vulnerable to segfault in `Requantize`

Impact If Requantize is given inputmin, inputmax, requestedoutputmin, requestedoutputmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.quint8 input = tf.constant1, shape=3, dtype=tf.qint32...

7.5CVSS7.4AI score0.00423EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 9:19 p.m.30 views

TensorFlow vulnerable to `CHECK` fail in `DenseBincount`

Impact DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf binaryoutput = True input =...

7.5CVSS7.4AI score0.00396EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 9:15 p.m.90 views

TensorFlow vulnerable to `CHECK` fail in `QuantizeAndDequantizeV3`

Impact If QuantizeAndDequantizeV3 is given a nonscalar numbits input tensor, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf signedinput = True rangegiven = False narrowrange = False axis = -1 input = tf.constant-3.5, shape=1,...

7.5CVSS7.4AI score0.00396EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 9:14 p.m.33 views

TensorFlow vulnerable to `CHECK` fail in `RaggedTensorToVariant`

Impact If RaggedTensorToVariant is given a rtnestedsplits list that contains tensors of ranks other than one, it results in a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf batchedinput = True rtnestedsplits = tf.constant0,32,64, shape=3,...

7.5CVSS7.4AI score0.00383EPSS
Exploits0References5Affected Software3
Github Security Blog
Github Security Blog
added 2022/09/16 8:51 p.m.20 views

TensorFlow vulnerable to `CHECK` failure in `SobolSample` via missing validation

Impact The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure assertion failure caused by assuming input0, input1, and input2 to be scalar. python import tensorflow as tf tf.rawops.SobolSampledim=tf.constant1,0, numresults=tf.constant1, skip=tf.constant1 Patche...

7.5CVSS7.4AI score0.00441EPSS
Exploits0References5Affected Software3
Rows per page
Query Builder