CVE-2022-35986

TensorFlow is an open source platform for machine learning. If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. The fix will b...

CVE-2022-35986 Segfault in `RaggedBincount` in TensorFlow

TensorFlow is an open source platform for machine learning. If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. The fix will b...

CVE-2022-35987 `CHECK` fail in `DenseBincount` in TensorFlow

TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...

CVE-2022-35987

TensorFlow vulnerability CVE-2022-35987 affects DenseBincount: if weights shape does not match input (or is not length-0), a CHECK failure can be triggered, potentially allowing a denial-of-service. The issue is mitigated by applying the patch from commit bf4c14353c2328636a18bfad1e151052c81d5f43,...

CVE-2022-35987 `CHECK` fail in `DenseBincount` in TensorFlow

TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...

CVE-2022-35987 `CHECK` fail in `DenseBincount` in TensorFlow

TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...

CVE-2022-35987

TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have...

CVE-2022-35985 `CHECK` fail in `LRNGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The...

CVE-2022-35985 `CHECK` fail in `LRNGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The...

CVE-2022-35985

TensorFlow is an open source platform for machine learning. If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The...

CVE-2022-35985

CVE-2022-35985: In TensorFlow, LRNGrad raises a denial-of-service risk when output_image is not 4-D, triggering a CHECK failure. The issue was patched in commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255 and the fix is planned for TensorFlow 2.10.0, with cherry-picks on TF 2.9.1, 2.8.1, and 2.7.2 (...

CVE-2022-35985 `CHECK` fail in `LRNGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. If LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The...

CVE-2022-35984 `CHECK` fail in `ParameterizedTruncatedNormal` in TensorFlow

TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

CVE-2022-35984 `CHECK` fail in `ParameterizedTruncatedNormal` in TensorFlow

TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

CVE-2022-35984

TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

CVE-2022-35984 `CHECK` fail in `ParameterizedTruncatedNormal` in TensorFlow

TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...

CVE-2022-35984

TensorFlow CVE-2022-35984 affects ParameterizedTruncatedNormal where shape is assumed to be int32; providing an int64 shape triggers a mismatched type CHECK failure that can cause a denial of service. The issue has been patched in commit 72180be03447a10810edca700cbc9af690dfeb51 and the fix is sla...

CVE-2022-35983

CVE-2022-35983 affects TensorFlow. When calling Save or SaveSlices on tensors with an unsupported dtype, a CHECK failure can be triggered, potentially enabling a denial-of-service. The issue is fixed in the GitHub commit 5dd7b86b84a864b834c6fa3d7f9f51c87efa99d4 and will be included in TensorFlow ...

CVE-2022-35983 `CHECK` fail in `Save` and `SaveSlices` in TensorFlow

TensorFlow is an open source platform for machine learning. If Save or SaveSlices is run over tensors of an unsupported dtype, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 5dd7b86b84a864b834c6fa3d7f9f51c87efa99d4. Th...

CVE-2022-35983

TensorFlow is an open source platform for machine learning. If Save or SaveSlices is run over tensors of an unsupported dtype, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 5dd7b86b84a864b834c6fa3d7f9f51c87efa99d4. Th...