SUSE CVE-2021-29558

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...

GHSA-43Q8-3FV7-PR5X Improper Validation of Integrity Check Value in TensorFlow

Impact The implementation of tf.sparse.split does not fully validate the input arguments. Hence, a malicious user can trigger a denial of service via a segfault or a heap OOB read: python import tensorflow as tf data = tf.random.uniform1, 32, 32, dtype=tf.float32 axis = 1, 2 x =...

GHSA-XVJM-FVXX-Q3HV CHECK-fail due to integer overflow

Impact An attacker can trigger a denial of service via a CHECK-fail in caused by an integer overflow in constructing a new tensor shape: python import tensorflow as tf inputlayer = 260-1 sparsedata = tf.rawops.SparseSplit splitdim=1, indices=0, 0, 0, 1, 0, 2, 4, 3, 5, 0, 5, 1, values=1.0, 1.0, 1....

GHSA-MQH2-9WRP-VX84 Heap buffer overflow in `SparseSplit`

Impact An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit: python import tensorflow as tf shapedims = tf.constant0, dtype=tf.int64 indices = tf.ones1, 1, dtype=tf.int64 values = tf.ones1, dtype=tf.int64 shape = tf.ones1, dtype=tf.int64 tf.rawops.SparseSplit splitdim=shapedims,...

PYSEC-2021-684

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...

CVE-2021-29558

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...

PT-2021-18309 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can cause a heap buffer overflow in tf.raw ops.SparseSplit because the...