GHSA-VGVH-2PF4-JR2X TensorFlow vulnerable to segfault in `QuantizeDownAndShrinkRange`

Impact If QuantizeDownAndShrinkRange is given nonscalar inputs for inputmin or inputmax, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.quint8 input = tf.constant1, shape=3, dtype=tf.qint32 inputmin = tf.constant,...

PT-2022-23073 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: TensorFlow is an open source platform for machine learning. If...

GHSA-3H8M-483J-7XXM Heap out of bounds read in `RequantizationRange`

Impact The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs: python import tensorflow as tf input = tf.constant1, shape=1, dtype=tf.qint32 inputmax = tf.constant, dtype=tf.float32 inputmin =...

PT-2021-18320 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: The implementation of tf.raw...