4658 matches found
CVE-2022-35998
TensorFlow is an open source platform for machine learning. If EmptyTensorList receives an input elementshape with more than one dimension, it gives a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
GHSA-QXPX-J395-PW36 TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`
Impact If LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.int32 sortedinputs = tf.constant, shape=10,0, dtype=tf.float32...
GHSA-Q5JV-M6QW-5G37 TensorFlow vulnerable to floating point exception in `Conv2D`
Impact If Conv2D is given empty input and the filter and padding sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack. python import tensorflow as tf import numpy as np with tf.device"CPU": also can...
GHSA-FQXC-PVF8-2W9V TensorFlow vulnerable to null dereference on MLIR on empty function attributes
Impact Eig can be fed an incorrect Tout input, resulting in a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf import numpy as np arg0=tf.constantvalue=np.random.randomsize=2, 2, shape=2, 2, dtype=tf.float32 arg1=tf.complex128 arg2=True arg3=''...
GHSA-828C-5J5Q-VRJQ TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef`
Impact When mlir::tfg::GraphDefImporter::ConvertNodeDef tries to convert NodeDefs without an op name, it crashes. cpp Status GraphDefImporter::ConvertNodeDefOpBuilder &builder, ConversionState &s, const NodeDef &node VLOG4 opdef; else auto it = functionopdefs.findnode.op; if it ==...
GHSA-FV43-93GV-VM8F TensorFlow vulnerable to null dereference on MLIR on empty function attributes
Impact When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference. cpp // Import the function attributes with a tf. prefix to match the current // infrastructure expectations. for const auto& namedAttr : func.attr const std::string& name =...
CVE-2022-35986
TensorFlow is an open source platform for machine learning. If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. The fix will b...
CVE-2022-35988
TensorFlow is an open source platform for machine learning. When tf.linalg.matrixrank receives an empty input a, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c55b476aa0e0bd4ee99d0f3ad18d9d706cd1260a. The fix...
GHSA-JVHC-5HHR-W3V5 TensorFlow vulnerable to assertion fail on MLIR empty edge names
Impact When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. cpp // We pre-allocate the array of operands and populate it using the // outputnametoposition and controloutputtoposition populated // previously. SmallVector retvalsfunc.retsize +...
CVE-2022-35965
TensorFlow is an open source platform for machine learning. If LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
GHSA-37JF-MJV6-XFQW TensorFlow vulnerable to `CHECK` fail in `Conv2DBackpropInput`
Impact When Conv2DBackpropInput receives empty outbackprop inputs e.g. 3, 1, 0, 1, the current CPU/GPU kernels CHECK fail one with dnnl, the other with cudnn. This can be used to trigger a denial of service attack. python import tensorflow as tf import numpy as np inputsizes = 3, 1, 1, 2 filter =...
PT-2022-23084 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1, 2.8.1, and 2.7.2 Description: The issue occurs when RaggedBincount is given an empty input tensor splits, resulting in a segfault that can be used to trigger a denial of service...
Google TensorFlow 代码问题漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. Google TensorFlow suffers from a code issue vulnerability that stems from the fact that it crashes when mlir::tfg::TFOp::nameAttr receives an empty type list attribute. Th...
PT-2022-23094 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.0 through 2.9.0 TensorFlow versions 2.8.0 through 2.8.0 TensorFlow versions 2.7.0 through 2.7.1 Description: The issue occurs when the Conv2D function is given an empty input and val...
PT-2022-23064 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue arises when LowerBound or UpperBound is given an empty sorted inputs...
PT-2022-23111 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when the mlir::tfg::ConvertGenericFunctionToFunctionDef functi...
PT-2022-23099 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue arises when mlir::tfg::ConvertGenericFunctionToFunctionDef is given...
PT-2022-23112 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when mlir::tfg::ConvertGenericFunctionToFunctionDef is given...
PT-2022-23086 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when the tf.linalg.matrix rank function receives an empty inpu...
PT-2022-23096 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue arises when EmptyTensorList receives an input element shape with more...