8 matches found
CVE-2022-36026
TensorFlow is an open source platform for machine learning. If QuantizeAndDequantizeV3 is given a nonscalar numbits input tensor, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit f3f9cb38ecfe5a8a703f2c4a8fead434ef291713...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service. The vulnerability exists in Compute function in batchkernels.cc because Unbatch Op kernel doesn't properly check if the input argument is a scalar which allows an attacker to send non-scalar input IDs causing an application crash...
CVE-2022-36005 `CHECK` fail in `FakeQuantWithMinMaxVarsGradient` in TensorFlow
TensorFlow is an open source platform for machine learning. When tf.quantization.fakequantwithminmaxvarsgradient receives input min or max that is nonscalar, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-36026
TensorFlow is an open source platform for machine learning. If QuantizeAndDequantizeV3 is given a nonscalar numbits input tensor, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit f3f9cb38ecfe5a8a703f2c4a8fead434ef291713...
GHSA-P7HR-F446-X6QF TensorFlow vulnerable to `CHECK` fail in `tf.sparse.cross`
Impact If tf.sparse.cross receives an input separator that is not a scalar, it gives a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf tf.sparse.crossinputs=,name='a',separator=tf.constant'a', 'b',dtype=tf.string Patches We have patched the issue ...
Google TensorFlow 输入验证错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. Google TensorFlow suffers from an input validation error vulnerability that stems from a segmentation error that can be used to trigger a denial-of-service attack if...
Google TensorFlow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow, which stems from the fact that if QuantizeAndDequantizeV3 is given a non-scalar numbits input tensor, it will cause t...
PYSEC-2021-198
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from tf.rawops.LoadAndRemapMatrix. This is because the...