3 matches found
GHSA-4W68-4X85-MJJ9 TensorFlow vulnerable to segfault in `QuantizedAvgPool`
Impact If QuantizedAvgPool is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf ksize = 1, 2, 2, 1 strides = 1, 2, 2, 1 padding = "SAME" input = tf.constant1, shape=1,4,4,2,...
CVE-2022-35967
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
PT-2022-23065
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1, 2.8.1, and 2.7.2 Description The issue occurs when QuantizedAvgPool is given min input or max input tensors of a nonzero rank, resulting in a segfault that can be used to trigger a...