19 matches found
CVE-2023-25659
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
EUVD-2023-0957
Malicious code in bioql PyPI...
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
...
BIT-TENSORFLOW-2023-25659 TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read if the parameter indices for DynamicStitch does not match the shape of the parameter data. PoC import tensorflow as tf func = tf.rawops.DynamicStitch para='indices': 0xdeadbeef, 405, 519, 758, 1015, 'data':...
CVE-2023-25659
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
AZL-35305 CVE-2023-25659 affecting package tensorflow for versions less than 2.11.1-1
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
AZL-31201 CVE-2023-25659 affecting package tensorflow for versions less than 2.11.1-1
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
Stack overflow
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A buffer error vulnerability exists in Google TensorFlow version 2.12 prior to version 2.12.0 and version 2.11 prior to version 2.11.1, which stems from a stack OOB read...
CVE-2023-25659 TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-25659 TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2023-25659 TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
Impact If the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. python import tensorflow as tf func = tf.rawops.DynamicStitch para='indices': 0xdeadbeef, 405, 519, 758, 1015, 'data': 110.27793884277344, 120.29475402832031,...
GHSA-93VR-9Q9M-PJ8P TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
Impact If the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. python import tensorflow as tf func = tf.rawops.DynamicStitch para='indices': 0xdeadbeef, 405, 519, 758, 1015, 'data': 110.27793884277344, 120.29475402832031,...
PT-2023-20219 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.12.0 and 2.11.1 Description: The issue arises when the parameter indices for DynamicStitch does not match the shape of the parameter data, potentially triggering a stack OOB read. Recommendations: For versions...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. The vulnerability is due to the DynamicStitch operation in the FingerprintCat128 function of execute.cc, which does not properly match the op input sizes, allowing an attacker to crash the application...
Out of bounds segmentation fault due to unequal op inputs in Tensorflow
Impact tf.rawops.DynamicStitch specifies input sizes when it is registered. cpp REGISTEROP"DynamicStitch" .Input"indices: N int32" .Input"data: N T" .Output"merged: T" .Attr"N : int = 1" .Attr"T : type" .SetShapeFnDynamicStitchShapeFunction; When it receives a differing number of inputs, such as...
PT-2022-26114 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.11 TensorFlow version 2.10.1 TensorFlow version 2.9.3 TensorFlow version 2.8.4 Description: The issue occurs when ops with specified input sizes receive a differing number of inputs, causing the executor to cras...