7 matches found
TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`
Impact If LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.int32 sortedinputs = tf.constant, shape=10,0, dtype=tf.float32...
CVE-2022-35965 Segfault in `LowerBound` and `UpperBound` in TensorFlow
TensorFlow is an open source platform for machine learning. If LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
Google TensorFlow 代码问题漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A code issue vulnerability exists in Google TensorFlow, which stems from the fact that if an empty sortedinputs input is provided for a LowerBound or UpperBound, it can cause nullptr dereference, an...
Heap OOB in `UpperBound` and `LowerBound`
Impact An attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound: python import tensorflow as tf tf.rawops.UpperBound sortedinput=1,2,3, values=tf.constantvalue=0,0,0,1,1,1,2,2,2,dtype=tf.int64, outtype=tf.int64 The...
PYSEC-2021-292
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...
PYSEC-2021-781
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...
CVE-2021-37670 Heap OOB in `UpperBound` and `LowerBound` in TensorFlow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.rawops.UpperBound. The implementation does not validate the rank of sortedinput...