13 matches found
PYSEC-2026-1037 TensorFlow vulnerable to segfault in `QuantizedAdd`
Impact If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf Toutput = tf.qint32 x = tf.constant140, shape=1, dtype=tf.quint8 y = tf.constant26, shape=10,...
SUSE CVE-2022-35967
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
Google TensorFlow Input Validation Error Vulnerability (CNVD-2023-10611)
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Google TensorFlow, which stems from a segmentation error that occurs if QuantizedAdd is given a tensor of non-zero rank mininput or maxinput. An attacke...
TensorFlow vulnerable to segfault in `QuantizedAdd`
Impact If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf Toutput = tf.qint32 x = tf.constant140, shape=1, dtype=tf.quint8 y = tf.constant26, shape=10,...
CVE-2022-35967
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
CVE-2022-35967 Segfault in `QuantizedAdd` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
CVE-2022-35967 Segfault in `QuantizedAdd` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
CVE-2022-35967
CVE-2022-35967 affects TensorFlow: a segfault in QuantizedAdd when min_input or max_input tensors have nonzero rank can trigger a denial of service. The issue has been patched in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89, with the fix planned for TensorFlow 2.10.0 and cherry-picked t...
CVE-2022-35967 Segfault in `QuantizedAdd` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
Google TensorFlow 输入验证错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Google TensorFlow, which stems from a segmentation error that occurs if QuantizedAdd is given a tensor of non-zero rank mininput or maxinput. An attacke...
PT-2022-23066
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description The issue arises when QuantizedAdd is given min input or max input tensors of a...
Division by 0 in `QuantizedAdd`
Impact An attacker can cause a runtime division by zero error and denial of service in tf.rawops.QuantizedAdd: python import tensorflow as tf x = tf.constant68, 228, shape=2, 1, dtype=tf.quint8 y = tf.constant, shape=2, 0, dtype=tf.quint8 minx = tf.constant10.723421015884028 maxx =...
CVE-2021-29549 Division by 0 in `QuantizedAdd`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in tf.rawops.QuantizedBatchNormWithGlobalNormalization. This is because the...