14329 matches found
CVE-2022-23589 Null pointer dereference in Grappler's `IsConstant` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a SavedModel file fixing the first one would trigger the same...
CVE-2022-23586
TensorFlow vulnerability CVE-2022-23586 affects the SavedModel path via assertions in function.cc, enabling denial of service by a malicious SavedModel that crashes the Python interpreter. Root cause is CHECK/assertion failures in function.cc when a SavedModel is altered. Affected releases map to...
CVE-2022-23586 Multiple `CHECK`-fails in `function.cc` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that assertions in function.cc would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...
CVE-2022-23586 Multiple `CHECK`-fails in `function.cc` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that assertions in function.cc would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...
CVE-2022-23586
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that assertions in function.cc would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...
CVE-2022-23586 Multiple `CHECK`-fails in `function.cc` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that assertions in function.cc would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this comm...
CVE-2022-23583
TensorFlow vulnerability CVE-2022-23583: a type confusion caused by modifying the SavedModel’s tensor protobufs can let a remote attacker trigger CHECK failures in templated binary operators, leading to a denial of service. Affected: various TF releases up to 2.8.x (and cherry-picks on 2.7.1, 2.6...
CVE-2022-23583 `CHECK`-failures in binary ops in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...
CVE-2022-23583 `CHECK`-failures in binary ops in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...
CVE-2022-23583
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...
CVE-2022-23583 `CHECK`-failures in binary ops in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that any binary op would trigger CHECK failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the dtype no longer...
CVE-2022-23582 `CHECK`-failures in `TensorByteSize` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...
CVE-2022-23582
CVE-2022-23582 affects TensorFlow: a malicious SavedModel can trigger a denial of service via TensorByteSize CHECK failures caused by shape handling in TensorShape/PartialTensorShape (shape partials or large element counts). Root cause is TensorShape throwing on partial/large shapes; PartialTenso...
CVE-2022-23582 `CHECK`-failures in `TensorByteSize` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...
CVE-2022-23584 Use after free in `DecodePng` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...
CVE-2022-23584 Use after free in `DecodePng` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...
CVE-2022-23584 Use after free in `DecodePng` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...
CVE-2022-23584
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...
CVE-2022-23584
TensorFlow PNG decoding contains a use-after-free in png::CommonFreeDecode(&decode) where, after the call, decode.width and decode.height are in an unspecified state. This TF vulnerability (CVE-2022-23584) affects the TensorFlow PNG decode path and can lead to memory corruption or crashes when de...
CVE-2022-23592 Out of bounds read in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK which is a no-op during production. An attacker can control the inputidx variable such that ix would be larger than the number of...