15 matches found
SUSE CVE-2022-35967
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
GHSA-4PC4-M9MJ-V2R9 TensorFlow vulnerable to segfault in `QuantizedBiasAdd`
Impact If QuantizedBiasAdd is given mininput, maxinput, minbias, maxbias tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outtype = tf.qint32 input = tf.constant85,170,255, shape=3, dtype=tf.quint8 bias =...
GHSA-G35R-369W-3FQP TensorFlow vulnerable to segfault in `QuantizedInstanceNorm`
Impact If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf outputrangegiven = False givenymin = 0 givenymax = 0 varianceepsilon = 1e-05 minseparation = 0.001 x =...
GHSA-V6H3-348G-6H5X TensorFlow vulnerable to segfault in `QuantizedAdd`
Impact If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf Toutput = tf.qint32 x = tf.constant140, shape=1, dtype=tf.quint8 y = tf.constant26, shape=10,...
GHSA-4W68-4X85-MJJ9 TensorFlow vulnerable to segfault in `QuantizedAvgPool`
Impact If QuantizedAvgPool is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf ksize = 1, 2, 2, 1 strides = 1, 2, 2, 1 padding = "SAME" input = tf.constant1, shape=1,4,4,2,...
CVE-2022-35972
TensorFlow is an open source platform for machine learning. If QuantizedBiasAdd is given mininput, maxinput, minbias, maxbias tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35971
TensorFlow is an open source platform for machine learning. If FakeQuantWithMinMaxVars is given min or max tensors of a nonzero rank, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35970 Segfault in `QuantizedInstanceNorm` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e...
CVE-2022-35970 Segfault in `QuantizedInstanceNorm` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e...
CVE-2022-35966
TensorFlow is an open source platform for machine learning. If QuantizedAvgPool is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35967
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
PT-2022-23065 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1, 2.8.1, and 2.7.2 Description: The issue occurs when QuantizedAvgPool is given min input or max input tensors of a nonzero rank, resulting in a segfault that can be used to trigger...
PT-2022-23066 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue arises when QuantizedAdd is given min input or max input tensors of a...
PT-2022-23071 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue arises when QuantizedBiasAdd is given min input, max input, min bias,...
Google TensorFlow 输入验证错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google Inc. in the United States. Google TensorFlow suffers from an input validation error vulnerability that stems from the fact that if Requantize is given a non-zero rank tensor for inputmin, inputmax,...