Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Google TensorFlow, which stems from an empty input to SparseFillEmptyRowsGrad. The vulnerability can be exploited to cause the program to crash...

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. An input validation error vulnerability exists in Google TensorFlow, which stems from the fact that an input "token" that is not a UTF-8 byte string will fail in the "PyFunc", an attacker can use this...

CVE-2022-41899 `CHECK` fail via inputs in `SdcaOptimizer` in Tensorflow

TensorFlow is an open source platform for machine learning. Inputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer. We have patched the issue in GitHub commit 80ff197d03db2a70c6a111f97dcdacad1b0babfa. The fix will be included in TensorFlow 2.11. We will...

Google TensorFlow 安全漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A buffer overflow vulnerability exists in Google TensorFlow versions prior to 2.7.4, 2.8.0 and later, 2.8.1 and later, 2.9.0 and later, and 2.9.1 and earlier, which originates from "tf.rawops...

Google TensorFlow 安全漏洞

Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to buffer overflow in versions prior to 2.8.4, 2.9.0 and later, 2.9.3 and later, 2.10.0 and later, and 2.10.1. The vulnerability stems from the fact that tf.rawops.TensorListResize is given ...

CVE-2022-41891 Segfault in `tf.raw_ops.TensorListConcat` in Tensorflow

TensorFlow is an open source platform for machine learning. If tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit fc33f3dc4c14051a83eec6535b608abe1d355fde. The fix wil...

CVE-2022-41895 `MirrorPadGrad` heap out of bounds read in Tensorflow

TensorFlow is an open source platform for machine learning. If MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error. We have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92. The fix will be included in TensorFlow 2.11. We will also...

Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A denial of service vulnerability exists in Google TensorFlow versions prior to 2.8.4, 2.9.0 and later, 2.9.3 and later, 2.10.0 and later, and 2.10.1. TensorListConcat" is given "elementshape=", resulti...

CVE-2022-41891 Segfault in `tf.raw_ops.TensorListConcat` in Tensorflow

TensorFlow is an open source platform for machine learning. If tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit fc33f3dc4c14051a83eec6535b608abe1d355fde. The fix wil...

CVE-2022-41889 Segfault via invalid attributes in `pywrap_tfe_src.cc` in Tensorflow

TensorFlow is an open source platform for machine learning. If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors...

CVE-2022-41908

TensorFlow CVE-2022-41908: CHECK fail in tf.raw_ops.PyFunc triggered by non-UTF-8 input tokens. Patch committed (9f03a9d3bafe902c1e6beb105b2f24172f238645); fix slated for TensorFlow 2.11 with cherry-picks to 2.10.1, 2.9.3, and 2.8.4. No exploit details provided in the documents.

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google TensorFlow is vulnerable to an input validation error that could be exploited by attackers to launch a program crash attack...

CVE-2022-41883 Out of bounds segmentation fault due to unequal op inputs in Tensorflow

TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We...

CVE-2022-41888

CVE-2022-41888 (TensorFlow) affects the GPU path of tf.image.generate_bounding_box_proposals where the scores input must be rank 4 but this is not checked. TensorFlow patch cf35502463a88ca7185a99daa7031df60b3c1c98 fixes this, with the fix to be included in TensorFlow 2.11 and cherry-picked to Ten...

CVE-2022-41911 Invalid char to bool conversion when printing a tensor in Tensorflow

TensorFlow is an open source platform for machine learning. When printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so...

Google TensorFlow 安全漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A buffer overflow vulnerability exists in Google TensorFlow, which stems from tf.rawops.ResizeNearestNeighborGrad's lack of length size validation of the input data. validation, an attacker could exploi...

Google TensorFlow 代码问题漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A code issue vulnerability exists in Google TensorFlow, which stems from a logical error in the organization of data, where the conversion from char to bool is undefined if the const char array is not 0...

CVE-2022-41889 Segfault via invalid attributes in `pywrap_tfe_src.cc` in Tensorflow

TensorFlow is an open source platform for machine learning. If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors...

CVE-2022-41887

TensorFlow is an open source platform for machine learning. tf.keras.losses.poisson receives a ypred and ytrue that are passed through functor::mul in BinaryOp. If the resulting dimensions overflow an int32, TensorFlow will crash due to a size mismatch during broadcast assignment. We have patched...

CVE-2022-41894

TensorFlow is an open source platform for machine learning. The reference kernel of the CONV3DTRANSPOSE TensorFlow Lite operator wrongly increments the dataptr when adding the bias to the result. Instead of dataptr += numchannels; it should be dataptr += outputnumchannels; as if the number of inp...