9 matches found
GHSA-37JF-MJV6-XFQW TensorFlow vulnerable to `CHECK` fail in `Conv2DBackpropInput`
Impact When Conv2DBackpropInput receives empty outbackprop inputs e.g. 3, 1, 0, 1, the current CPU/GPU kernels CHECK fail one with dnnl, the other with cudnn. This can be used to trigger a denial of service attack. python import tensorflow as tf import numpy as np inputsizes = 3, 1, 1, 2 filter =...
GHSA-6F89-8J54-29XF Heap buffer overflow in `FractionalAvgPoolGrad`
Impact The implementation of tf.rawops.FractionalAvgPoolGrad is vulnerable to a heap buffer overflow: python import tensorflow as tf originputtensorshape = tf.constant1, 3, 2, 3, shape=4, dtype=tf.int64 outbackprop = tf.constant2, shape=1, 1, 1, 1, dtype=tf.int64 rowpoolingsequence = tf.constant1...
GHSA-WCV5-QRJ6-9PFM Heap buffer overflow in `Conv3DBackprop*`
Impact Missing validation between arguments to tf.rawops.Conv3DBackprop operations can result in heap buffer overflows: python import tensorflow as tf inputsizes = tf.constant1, 1, 1, 1, 2, shape=5, dtype=tf.int32 filtertensor = tf.constant734.6274508233133, -10.0, -10.0, -10.0, -10.0, -10.0,...
PYSEC-2021-506
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalAvgPoolGrad is vulnerable to a heap buffer overflow. The...
PYSEC-2021-704
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalAvgPoolGrad is vulnerable to a heap buffer overflow. The...
PYSEC-2021-705
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGrad is vulnerable to a heap buffer overflow. The...
PYSEC-2021-507
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGrad is vulnerable to a heap buffer overflow. The...
CVE-2021-29578
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalAvgPoolGrad is vulnerable to a heap buffer overflow. The...
CVE-2021-29579
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGrad is vulnerable to a heap buffer overflow. The...