CVE-2024-21766

CVE-2024-21766 involves an uncontrolled search path in Intel® oneAPI Math Kernel Library (MKL) software before version 2024.1, which may allow an authenticated local user to escalate privileges. Connected sources confirm affected products: Intel® oneAPI MKL and Intel® oneAPI Base Toolkit prior to...

PT-2024-19044 · Intel · Intel Oneapi Math Kernel Library

Name of the Vulnerable Software and Affected Versions: IntelR oneAPI Math Kernel Library versions prior to 2024.1 Description: The issue is related to an uncontrolled search path in some IntelR oneAPI Math Kernel Library software. This may allow an authenticated user to potentially enable...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in QuantizedMatMulWithBiasAndDequantize with MKL enabled. PoC import tensorflow as tf func = tf.rawops.QuantizedMatMulWithBiasAndDequantize para='a': tf.constant138, dtype=tf.quint8, 'b': tf.constant4,...

PT-2023-20232 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.12.0 TensorFlow versions prior to 2.11.1 Description: TensorFlow is an open source platform for machine learning. The issue is a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix i...

PYSEC-2021-287

TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap...

PT-2021-21782 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: In affected versions, due to incomplete validation in MKL implementation of...

Code injection

Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...

Intel PSET Application Install wrapper contains an escalation of privilege vulnerability.

Summary: Intel PSET Application Install wrapper contains an escalation of privilege vulnerability. Description: Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer a...

Intel® Math Kernel Library Insecure File Permission Local Privilege Escalation

Summary: The Intel® Math Kernel Library Intel® MKL is a library of highly optimized, extensively threaded math routines for science, engineering, and financial applications that require maximum performance. An updated version of the software is available for Intel® MKL users to mitigate this...