JLSEC-2025-6 An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack t...

An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose...

AZL-68100 CVE-2025-55551 affecting package pytorch 2.2.2-12

An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service DoS when performing a slice operation...

PYSEC-2025-203

An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service DoS when performing a slice operation...

PyTorch 安全漏洞

PyTorch is a Python package open-sourced by PyTorch. An unspecified vulnerability exists in the PyTorch torch.linalg.lu component, which can be exploited by an attacker to cause a denial of service...

TensorFlow has null dereference on ParallelConcat with XLA

...

TensorFlow has Floating Point Exception in AvgPoolGrad with XLA

...

TensorFlow has Segfault in Bincount with XLA

...

TensorFlow has Floating Point Exception in TensorListSplit with XLA

...

TensorFlow has Null Pointer Error in RandomShuffle with XLA enable

...

[SECURITY] Fedora 40 Update: octave-8.4.0-6.fc40

GNU Octave is a high-level language, primarily intended for numerical computations. It provides a convenient command line interface for solving linear and nonlinear problems numerically, and for performing other numerical experiments using a language that is mostly compatible with Matlab. It may...

Enough Polynomials and Linear Algebra to Implement Kyber

I was once talking with a mathematician and trying to explain elliptic curve cryptography. Eventually, something clicked and they went "oh, that! I think there was a chapter about it in the book. You made a whole field out of it?" Yes, in cryptography we end up focusing on a very narrow slice of...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a floating point exception in TensorListSplit with XLA. PoC import tensorflow as tf func = tf.rawops.TensorListSplit para = 'tensor': 1, 'elementshape': -1, 'lengths': 0 @tf.functionjitcompile=True def...

AZL-35321 CVE-2023-25676 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...

AZL-35318 CVE-2023-25673 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

AZL-31213 CVE-2023-25673 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

CVE-2023-25673

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

CVE-2023-25674

TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1...

CVE-2023-25676

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1...

GHSA-GF97-Q72M-7579 TensorFlow has Null Pointer Error in RandomShuffle with XLA enable

Impact NPE in RandomShuffle with XLA enable python import tensorflow as tf func = tf.rawops.RandomShuffle para = 'value': 1e+20, 'seed': -4294967297, 'seed2': -2147483649 @tf.functionjitcompile=True def test: y = funcpara return y test Patches We have patched the issue in GitHub commit...

PYSEC-2022-158

Tensorflow is an Open Source Machine Learning Framework. When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so flr-configproto is nullptr. The fix will be included in TensorFlow...