PT-2025-40636

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow issue exists in the stripe io hints function when handling excessively large chunk sizes. This could lead to incorrect setting of io min and io opt limits...

GHSA-VGVH-2PF4-JR2X TensorFlow vulnerable to segfault in `QuantizeDownAndShrinkRange`

Impact If QuantizeDownAndShrinkRange is given nonscalar inputs for inputmin or inputmax, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.quint8 input = tf.constant1, shape=3, dtype=tf.qint32 inputmin = tf.constant,...

PT-2022-23073 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: TensorFlow is an open source platform for machine learning. If...

GHSA-3H8M-483J-7XXM Heap out of bounds read in `RequantizationRange`

Impact The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs: python import tensorflow as tf input = tf.constant1, shape=1, dtype=tf.qint32 inputmax = tf.constant, dtype=tf.float32 inputmin =...

PYSEC-2021-206

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The...

PT-2021-18320 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier Description: The implementation of tf.raw...