6 matches found
EUVD-2020-0189
Malware in sbrugna...
BIT-TENSORFLOW-2020-15191 Undefined behavior in Tensorflow
In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...
BIT-2020-15191
In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...
CVE-2020-15193
In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...
CVE-2020-15191
In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...
CVE-2020-15193
CVE-2020-15193 in TensorFlow arises from dlpack.to_dlpack handling where a non-tensor Python object can lead to uninitialized memory and memory corruption due to an improper reinterpret_cast in pybind11 glue code. The issue is fixed in commit 22e07fb204386768e5bcbea563641ea11f96ceb8 and released ...