663 matches found
PYSEC-2020-282
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In...
PYSEC-2020-317
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In...
PYSEC-2020-282
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In...
CVE-2020-15202
CVE-2020-15202 : TensorFlow Shard API truncation bug affects multiple releases (1.15.4, 2.0.3, 2.1.2, 2.2.1, 2.3.1). A lambda taking int/int32 instead of int64 in work-parallelization can cause integer truncation, leading to segfaults, out-of-bounds reads/writes, stack overflows, or data corrupti...
CVE-2020-15202 Integer truncation in Shard API usage
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In...
CVE-2020-15202
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In...
GHSA-H6FG-MJXG-HQQ4 Integer truncation in Shard API usage
Impact The Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/core/util/worksharder.hL59-L60 However, there are several places in TensorFlo...
Integer truncation in Shard API usage
Impact The Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/core/util/worksharder.hL59-L60 However, there are several places in TensorFlo...
PT-2020-14273 · Google +1 · Tensorflow +1
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.4 TensorFlow versions prior to 2.0.3 TensorFlow versions prior to 2.1.2 TensorFlow versions prior to 2.2.1 TensorFlow versions prior to 2.3.1 Description: The Shard API in TensorFlow expects the last argument...
dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair()
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index a UInt is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption...
Moderate: Red Hat Security Advisory: dpdk security, bug fix, and enhancement update
An update for dpdk is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
RHEL 8 : openvswitch2.11 (RHSA-2020:2297)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2297 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...
RHEL 8 : openvswitch2.13 (RHSA-2020:2295)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2295 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...
SUSE-SU-2020:1430-1 Security update for dpdk
This update for dpdk to 17.11.7 fixes the following issues: Security issues fixed: - CVE-2020-10722: Fixed an integer overflow in vhostusersetlogbase bsc1171477 bsc1171930. - CVE-2020-10723: Fixed an integer truncation in vhostusercheckandallocqueuepair bsc1171477...
dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair()
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index a UInt is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption...
OPENSUSE-SU-2020:0693-1 Security update for dpdk
This update for dpdk fixes the following issues: Security issues fixed: - CVE-2020-10722: Fixed an integer overflow in vhostusersetlogbase bsc1171477. - CVE-2020-10723: Fixed an integer truncation in vhostusercheckandallocqueuepair bsc1171477. - CVE-2020-10724: Fixed a missing inputs validation i...
SUSE SLED15 / SLES15 Security Update : dpdk (SUSE-SU-2020:1335-1)
This update for dpdk fixes the following issues : Security issues fixed : CVE-2020-10722: Fixed an integer overflow in vhostusersetlogbase bsc1171477. CVE-2020-10723: Fixed an integer truncation in vhostusercheckandallocqueuepair bsc1171477. CVE-2020-10724: Fixed a missing inputs validation in...
CVE-2020-10723
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index a UInt is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption...
DEBIAN-CVE-2020-10723
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index a UInt is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption...
CVE-2020-10723
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index a UInt is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption...