4 matches found
PYSEC-2026-961 TensorFlow has null dereference on ParallelConcat with XLA
Impact When running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. python import tensorflow as tf func = tf.rawops.ParallelConcat para = 'shape': 0, 'values': 1 @tf.functionjitcompile=True def test: y =...
CVE-2021-41207
TensorFlow is an open source platform for machine learning. In affected versions the implementation of ParallelConcat misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow...
TensorFlow has null dereference on ParallelConcat with XLA
...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero. PoC import tensorflow as tf func = tf.rawops.ParallelConcat...