47 matches found
Undefined behavior in Tensorflow
Impact If a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked:...
GHSA-Q8QJ-FC9Q-CPHR Undefined behavior in Tensorflow
Impact If a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked:...
GHSA-8FXW-76PX-3RXV Memory leak in Tensorflow
Impact If a user passes a list of strings to dlpack.todlpack there is a memory leak following an expected validation failure: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/c/eager/dlpack.ccL100-L104 The allocated memory is from...
Memory leak in Tensorflow
Impact If a user passes a list of strings to dlpack.todlpack there is a memory leak following an expected validation failure: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/c/eager/dlpack.ccL100-L104 The allocated memory is from...
PT-2020-14262 · Google +1 · Tensorflow +1
Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1 Description: The issue arises when a user passes an invalid argument to dlpack.to dlpack, causing variables to bind to nullptr while setting a status variable to the error...
PT-2020-14264 · Google +1 · Tensorflow +1
Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1 Description: The implementation of dlpack.to dlpack can be made to use uninitialized memory, resulting in further memory corruption. This occurs because the pybind11 glue...
PT-2020-14263 · Google +1 · Tensorflow +1
Name of the Vulnerable Software and Affected Versions: Tensorflow versions prior to 2.2.1 Tensorflow versions prior to 2.3.1 Description: The issue occurs when a user passes a list of strings to dlpack.to dlpack, resulting in a memory leak following an expected validation failure. This happens...