12 matches found
SUSE CVE-2022-35967
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
Google TensorFlow Input Validation Error Vulnerability (CNVD-2023-10611)
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Google TensorFlow, which stems from a segmentation error that occurs if QuantizedAdd is given a tensor of non-zero rank mininput or maxinput. An attacke...
TensorFlow vulnerable to segfault in `QuantizedAdd`
Impact If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. python import tensorflow as tf Toutput = tf.qint32 x = tf.constant140, shape=1, dtype=tf.quint8 y = tf.constant26, shape=10,...
CVE-2022-35967
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
CVE-2022-35967 Segfault in `QuantizedAdd` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
CVE-2022-35967 Segfault in `QuantizedAdd` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
CVE-2022-35967 Segfault in `QuantizedAdd` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89...
CVE-2022-35967
CVE-2022-35967 affects TensorFlow: a segfault in QuantizedAdd when min_input or max_input tensors have nonzero rank can trigger a denial of service. The issue has been patched in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89, with the fix planned for TensorFlow 2.10.0 and cherry-picked t...
PT-2022-23066 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue arises when QuantizedAdd is given min input or max input tensors of a...
Google TensorFlow 输入验证错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Google TensorFlow, which stems from a segmentation error that occurs if QuantizedAdd is given a tensor of non-zero rank mininput or maxinput. An attacke...
Division by 0 in `QuantizedAdd`
Impact An attacker can cause a runtime division by zero error and denial of service in tf.rawops.QuantizedAdd: python import tensorflow as tf x = tf.constant68, 228, shape=2, 1, dtype=tf.quint8 y = tf.constant, shape=2, 0, dtype=tf.quint8 minx = tf.constant10.723421015884028 maxx =...
CVE-2021-29549 Division by 0 in `QuantizedAdd`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in tf.rawops.QuantizedBatchNormWithGlobalNormalization. This is because the...