EUVD-2021-0298

Malware in sbrugna...

CVE-2021-29557

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

BIT-TENSORFLOW-2021-29563 CHECK-fail in `tf.raw_ops.RFFT`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.RFFT. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination...

BIT-TENSORFLOW-2021-29575 Overflow/denial of service in `tf.raw_ops.ReverseSequence`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...

Overflow/denial of service in `tf.raw_ops.ReverseSequence`

Impact The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. python import tensorflow as tf input = tf.zeros1, 1, 1, dtype=tf.int32 seqlengths = tf.constant0, shape=1, dtype=tf.int32 tf.rawops.ReverseSequence input=input,...

CHECK-fail in `tf.raw_ops.IRFFT`

Impact An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.IRFFT: python import tensorflow as tf values = -10.0 130 values0 = -9.999999999999995 inputs = tf.constantvalues, shape=10, 13, dtype=tf.float32 inputs = tf.castinputs,...

GHSA-XW93-V57J-FCGH Division by 0 in `SparseMatMul`

Impact An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul: python import tensorflow as tf a = tf.constant100.0, 100.0, 100.0, 100.0, shape=2, 2, dtype=tf.float32 b = tf.constant, shape=0, 2, dtype=tf.float32 tf.rawops.SparseMatMul a=a, b=b, transposea=True...

Division by 0 in `SparseMatMul`

Impact An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul: python import tensorflow as tf a = tf.constant100.0, 100.0, 100.0, 100.0, shape=2, 2, dtype=tf.float32 b = tf.constant, shape=0, 2, dtype=tf.float32 tf.rawops.SparseMatMul a=a, b=b, transposea=True...

CVE-2021-29563

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.RFFT. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination...

CVE-2021-29563

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.RFFT. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination...

CVE-2021-29557

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

CVE-2021-29557

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

PYSEC-2021-485

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

PYSEC-2021-503

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...

Code injection

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

CVE-2021-29557 Division by 0 in `SparseMatMul`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.rawops.SparseMatMul. The division by 0 occurs deep in Eigen code because the b tensor is empty. The fix will be included in TensorFlow 2.5.0. We will also...

CVE-2021-29563 CHECK-fail in `tf.raw_ops.RFFT`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.rawops.RFFT. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination...

CVE-2021-29575

CVE-2021-29575 targets TensorFlow’s tf.raw_ops.ReverseSequence. Concrete details from connected docs show the root cause: the operation does not validate seq_dim and batch_dim, allowing negative values to cause stack overflow or CHECK-fail Denial of Service (local). Impact is a local DoS conditio...

CVE-2021-29575 Overflow/denial of service in `tf.raw_ops.ReverseSequence`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The...

PT-2021-18308 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can cause a denial of service via a FPE runtime error in tf.raw ops.SparseMatMul...