3 matches found
SUSE CVE-2020-15195
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...
Google TensorFlow Buffer Overflow Vulnerability (CNVD-2020-54782)
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Tensorflow SparseFillEmptyRowsGrad versions prior to 1.15.4, 2.0.3, 2.1.2, 2.2.1, 2.3.1, and 2.3.1, which arises from a networked system or product that perfor...
GHSA-63XM-RX5P-XVQR Heap buffer overflow in Tensorflow
Impact The implementation of SparseFillEmptyRowsGrad uses a double indexing pattern: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/core/kernels/sparsefillemptyrowsop.ccL263-L269 It is possible for reverseindexmapi to be an index outside of bound...