18 matches found
CVE-2021-41211
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array. This occurs whenever axis is a negative value less than -1. In this case, we are accessing data before the start o...
CVE-2021-37645
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on thi...
CVE-2021-37685
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's expanddims.cc contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If axis is a large negative value e.g., -100000, then after the first if it would...
SUSE CVE-2021-37685
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's expanddims.cc contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If axis is a large negative value e.g., -100000, then after the first if it would...
GHSA-49RX-X2RW-PC6F Heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
Impact The shape inference functions for the QuantizeAndDequantizeV operations can trigger a read outside of bounds of heap allocated array as illustrated in the following sets of PoCs: python import tensorflow as tf @tf.function def test: data=tf.rawops.QuantizeAndDequantizeV4Grad...
Heap OOB in shape inference for `QuantizeV2`
Impact The shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array: python import tensorflow as tf @tf.function def test: data=tf.rawops.QuantizeV2 input=1.0,1.0, minrange=1.0,10.0, maxrange=1.0,10.0, T=tf.qint32, mode='MINCOMBINED', roundmode='HALFTOEVEN'...
GHSA-CVGX-3V3Q-M36C Heap OOB in shape inference for `QuantizeV2`
Impact The shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array: python import tensorflow as tf @tf.function def test: data=tf.rawops.QuantizeV2 input=1.0,1.0, minrange=1.0,10.0, maxrange=1.0,10.0, T=tf.qint32, mode='MINCOMBINED', roundmode='HALFTOEVEN'...
PYSEC-2021-403
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array. This occurs whenever axis is a negative value less than -1. In this case, we are accessing data before the start o...
PT-2021-23177 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow versions 2.6.1 and earlier TensorFlow versions 2.5.2 and earlier TensorFlow versions 2.4.4 and earlier Description: The shape inference functions for the QuantizeAndDequantizeV operations can...
PT-2021-23184 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions 2.6.1 through 2.6.1 TensorFlow versions prior to 2.7.0 Description: The shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array. This occurs whenever axis is a negative value less...
GHSA-9W2P-5MGW-P94C Integer overflow due to conversion to unsigned
Impact The implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. python import tensorflow as tf tf.rawops.QuantizeAndDequantizeV4Grad...
GHSA-C545-C4F9-RF6V Heap OOB in TFLite
Impact TFLite's expanddims.cc contains a vulnerability which allows reading one element outside of bounds of heap allocated data: cc if axis size; ++i if i datai = inputdims.datai; else if i == axis outputdims-datai = 1; else outputdims-datai = inputdims.datai - 1; If axis is a large negative val...
PYSEC-2021-307
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's expanddims.cc contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If axis is a large negative value e.g., -100000, then after the first if it would...
PYSEC-2021-796
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's expanddims.cc contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If axis is a large negative value e.g., -100000, then after the first if it would...
PYSEC-2021-307
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's expanddims.cc contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If axis is a large negative value e.g., -100000, then after the first if it would...
CVE-2021-37685
TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's expanddims.cc contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If axis is a large negative value e.g., -100000, then after the first if it would...
PYSEC-2021-267
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on thi...
PT-2021-21804 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: The issue is related to TensorFlow's TFLite, where the expand dims.cc file...