14329 matches found
CVE-2022-35952 `CHECK` failures in `UnbatchGradOp` in TensorFlow
TensorFlow is an open source platform for machine learning. The UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program. It also requires its argument batchindex to contain three times the number of elements as...
CVE-2022-35952 `CHECK` failures in `UnbatchGradOp` in TensorFlow
TensorFlow is an open source platform for machine learning. The UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program. It also requires its argument batchindex to contain three times the number of elements as...
CVE-2022-35940 Int overflow in `RaggedRangeOp` in Tensoflow
TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...
CVE-2022-35940 Int overflow in `RaggedRangeOp` in Tensoflow
TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...
CVE-2022-35940
TensorFlow RaggedRangOp is affected by CVE-2022-35940: if limits contains a very large float, converting to int64 can overflow, causing an InvalidArgument and an abort that crashes the program. Patch available in commit 37cefa91bee4eace55715eeef43720b958a01192; expected in TensorFlow 2.10.0 with ...
CVE-2022-35940 Int overflow in `RaggedRangeOp` in Tensoflow
TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...
CVE-2022-35940
TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...
CVE-2022-35941 `CHECK` failure in `AvgPoolOp` in Tensorflow
TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. We have patched the issue in GitHub commit...
CVE-2022-35941 `CHECK` failure in `AvgPoolOp` in Tensorflow
TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. We have patched the issue in GitHub commit...
CVE-2022-35941 `CHECK` failure in `AvgPoolOp` in Tensorflow
TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. We have patched the issue in GitHub commit...
CVE-2022-35941
CVE-2022-35941 affects TensorFlow: AvgPoolOp accepts a positive ksize but does not validate it, enabling a potential crash via a negative ksize. The issue is fixed in commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f and will be included in TensorFlow 2.10.0; the patch will be cherry-picked for TF ...
CVE-2022-35941
TensorFlow is an open source platform for machine learning. The AvgPoolOp function takes an argument ksize that must be positive but is not checked. A negative ksize can trigger a CHECK failure and crash the program. We have patched the issue in GitHub commit...
CVE-2022-35937 OOB read in `Gather_nd` op in TensorFlow Lite
TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read is triggered. This issue has been patched in...
CVE-2022-35937 OOB read in `Gather_nd` op in TensorFlow Lite
TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read is triggered. This issue has been patched in...
CVE-2022-35937
TensorFlow Lite GatherNd contains an out-of-bounds read when input indices can exceed output sizes. The issue is fixed via patch 595a65a3e224a0362d7e68c2213acfc2b499a196, with the fix planned for TensorFlow 2.10.0 and cherry-picks for 2.9.1, 2.8.1, and 2.7.2 (all in the supported range). There ar...
CVE-2022-35937 OOB read in `Gather_nd` op in TensorFlow Lite
TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read is triggered. This issue has been patched in...
CVE-2022-35937
TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read is triggered. This issue has been patched in...
CVE-2022-35939
CVE-2022-35939 concerns TensorFlow’s ScatterNd in TensorFlow Lite and core TF, where an input index outside the output bounds can write at an invalid location or crash. The issue is fixed via commit b4d4b4cb019bd7240a52daa4ba61e3cc814f0384 and the patch is scheduled for inclusion in TensorFlow 2....
CVE-2022-35939 Out of bounds write in `scatter_nd` op in TensorFlow Lite
TensorFlow is an open source platform for machine learning. The ScatterNd function takes an input argument that determines the indices of of the output tensor. An input index greater than the output tensor or less than zero will either write content at the wrong index or trigger a crash. We have...
CVE-2022-35939 Out of bounds write in `scatter_nd` op in TensorFlow Lite
TensorFlow is an open source platform for machine learning. The ScatterNd function takes an input argument that determines the indices of of the output tensor. An input index greater than the output tensor or less than zero will either write content at the wrong index or trigger a crash. We have...