14326 matches found
CVE-2022-35971
CVE-2022-35971 affects TensorFlow: a denial-of-service risk when FakeQuantWithMinMaxVars receives min/max tensors of nonzero rank, causing a CHECK failure. Root cause: input validation in FakeQuantWithMinMaxVars leads to DoS. Known impact: remote attacker could trigger DoS via this path; exploita...
CVE-2022-35971 `CHECK` fail in `FakeQuantWithMinMaxVars` in TensorFlow
TensorFlow is an open source platform for machine learning. If FakeQuantWithMinMaxVars is given min or max tensors of a nonzero rank, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35971 `CHECK` fail in `FakeQuantWithMinMaxVars` in TensorFlow
TensorFlow is an open source platform for machine learning. If FakeQuantWithMinMaxVars is given min or max tensors of a nonzero rank, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35971
TensorFlow is an open source platform for machine learning. If FakeQuantWithMinMaxVars is given min or max tensors of a nonzero rank, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35969 `CHECK` fail in `Conv2DBackpropInput` in TensorFlow
TensorFlow is an open source platform for machine learning. The implementation of Conv2DBackpropInput requires inputsizes to be 4-dimensional. Otherwise, it gives a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35969 `CHECK` fail in `Conv2DBackpropInput` in TensorFlow
TensorFlow is an open source platform for machine learning. The implementation of Conv2DBackpropInput requires inputsizes to be 4-dimensional. Otherwise, it gives a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35969
TensorFlow CVE-2022-35969 stems from Conv2DBackpropInput requiring input_sizes to be 4-dimensional; non-conforming input can trigger a CHECK failure that allows denial of service. A fix was committed (50156d547b9a1da0144d7babe665cf690305b33c) and will be included in TensorFlow 2.10.0, with cherry...
CVE-2022-35969
TensorFlow is an open source platform for machine learning. The implementation of Conv2DBackpropInput requires inputsizes to be 4-dimensional. Otherwise, it gives a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35969 `CHECK` fail in `Conv2DBackpropInput` in TensorFlow
TensorFlow is an open source platform for machine learning. The implementation of Conv2DBackpropInput requires inputsizes to be 4-dimensional. Otherwise, it gives a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35970 Segfault in `QuantizedInstanceNorm` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e...
CVE-2022-35970 Segfault in `QuantizedInstanceNorm` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e...
CVE-2022-35970
CVE-2022-35970 affects TensorFlow’s QuantizedInstanceNorm. When x_min or x_max are tensors of a nonzero rank, a segfault occurs, enabling a denial of service as described in the entry. The issue is fixed in the GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0 and the fix is to be included i...
CVE-2022-35970
TensorFlow is an open source platform for machine learning. If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e...
CVE-2022-35970 Segfault in `QuantizedInstanceNorm` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedInstanceNorm is given xmin or xmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e...
CVE-2022-35968
TensorFlow: CVE-2022-35968 affects AvgPoolGrad where input orig_input_shape is not fully validated, triggering a CHECK failure that can cause a denial of service. A patch was applied in GitHub commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f and the fix is scheduled for TensorFlow 2.10.0, with che...
CVE-2022-35968 `CHECK` fail in `AvgPoolGrad` in TensorFlow
TensorFlow is an open source platform for machine learning. The implementation of AvgPoolGrad does not fully validate the input originputshape. This results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35968 `CHECK` fail in `AvgPoolGrad` in TensorFlow
TensorFlow is an open source platform for machine learning. The implementation of AvgPoolGrad does not fully validate the input originputshape. This results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35968
TensorFlow is an open source platform for machine learning. The implementation of AvgPoolGrad does not fully validate the input originputshape. This results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35968 `CHECK` fail in `AvgPoolGrad` in TensorFlow
TensorFlow is an open source platform for machine learning. The implementation of AvgPoolGrad does not fully validate the input originputshape. This results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2022-35966 Segfault in `QuantizedAvgPool` in TensorFlow
TensorFlow is an open source platform for machine learning. If QuantizedAvgPool is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...