4 matches found
Integer Overflow
tensorflow is vulnerable to integer overflow. The vulnerability exists in CalculateTensorSize function of oplevelcostestimator.cc because the input size has not been checked which allows an attacker to insert large numbers of elements that causes an application crash...
GHSA-C94W-C95P-PHF8 Integer overflow in Tensorflow
Impact The implementation of OpLevelCostEstimator::CalculateTensorSize is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements: cc int64t OpLevelCostEstimator::CalculateTensorSize const OpInfo::TensorProperties&...
CVE-2022-23575
TensorFlow vulnerability CVE-2022-23575 arises from an integer overflow in OpLevelCostEstimator::CalculateTensorSize when processing an operation with a very large tensor. The issue affects TensorFlow and was mitigated by a patch in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3 (...
CVE-2022-23575 Integer overflow in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of OpLevelCostEstimator::CalculateTensorSize is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements. The fix will be included in...