CVE-2022-35963 `CHECK` failures in `FractionalAvgPoolGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the...

CVE-2022-35963 `CHECK` failures in `FractionalAvgPoolGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the...

CVE-2022-35963

TensorFlow is an open source platform for machine learning. The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the...

CVE-2022-35960 `CHECK` failure in `TensorListReserve` in TensorFlow

TensorFlow is an open source platform for machine learning. In core/kernels/listkernels.cc's TensorListReserve, numelements is assumed to be a tensor of size 1. When a numelements of more than 1 element is provided, then tf.rawops.TensorListReserve fails the CHECKEQ in...

CVE-2022-35960 `CHECK` failure in `TensorListReserve` in TensorFlow

TensorFlow is an open source platform for machine learning. In core/kernels/listkernels.cc's TensorListReserve, numelements is assumed to be a tensor of size 1. When a numelements of more than 1 element is provided, then tf.rawops.TensorListReserve fails the CHECKEQ in...

CVE-2022-35960

CVE-2022-35960 relates to TensorFlow’s TensorListReserve check in core/kernels/list_kernels.cc. The issue occurs when num_elements is a tensor larger than size 1, causing a failed CHECK_EQ in CheckIsAlignedAndSingleElement and potentially denial of service. The documented fix is committed (b5f6fb...

CVE-2022-35960 `CHECK` failure in `TensorListReserve` in TensorFlow

TensorFlow is an open source platform for machine learning. In core/kernels/listkernels.cc's TensorListReserve, numelements is assumed to be a tensor of size 1. When a numelements of more than 1 element is provided, then tf.rawops.TensorListReserve fails the CHECKEQ in...

CVE-2022-35960

TensorFlow is an open source platform for machine learning. In core/kernels/listkernels.cc's TensorListReserve, numelements is assumed to be a tensor of size 1. When a numelements of more than 1 element is provided, then tf.rawops.TensorListReserve fails the CHECKEQ in...

CVE-2022-35959 `CHECK` failures in `AvgPool3DGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. The implementation of AvgPool3DGradOp does not fully validate the input originputshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in...

CVE-2022-35959 `CHECK` failures in `AvgPool3DGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. The implementation of AvgPool3DGradOp does not fully validate the input originputshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in...

CVE-2022-35959

TensorFlow’s CVE-2022-35959 is a denial-of-service flaw caused by insufficient validation of orig_input_shape in AvgPool3DGradOp. The overflow triggers a CHECK failure, with impact limited to environments using affected builds. The issue has been patched in commit 9178ac9d6389bdc54638ab913ea0e419...

CVE-2022-35959 `CHECK` failures in `AvgPool3DGrad` in TensorFlow

TensorFlow is an open source platform for machine learning. The implementation of AvgPool3DGradOp does not fully validate the input originputshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in...

CVE-2022-35959

TensorFlow is an open source platform for machine learning. The implementation of AvgPool3DGradOp does not fully validate the input originputshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the issue in...

CVE-2022-35952 `CHECK` failures in `UnbatchGradOp` in TensorFlow

TensorFlow is an open source platform for machine learning. The UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program. It also requires its argument batchindex to contain three times the number of elements as...

CVE-2022-35952 `CHECK` failures in `UnbatchGradOp` in TensorFlow

TensorFlow is an open source platform for machine learning. The UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program. It also requires its argument batchindex to contain three times the number of elements as...

CVE-2022-35952

TensorFlow CVE-2022-35952 concerns the UnbatchGradOp: passing a non-scalar id or an incorrect batch_index can trigger CHECK failures, crashing the program. The issue affects UnbatchGrad in TensorFlow and is resolved by a patch in commit 5f945fc6409a3c1e90d6970c9292f805f6e6ddf2, with the fix plann...

CVE-2022-35952 `CHECK` failures in `UnbatchGradOp` in TensorFlow

TensorFlow is an open source platform for machine learning. The UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program. It also requires its argument batchindex to contain three times the number of elements as...

CVE-2022-35940 Int overflow in `RaggedRangeOp` in Tensoflow

TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...

CVE-2022-35940 Int overflow in `RaggedRangeOp` in Tensoflow

TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...

CVE-2022-35940 Int overflow in `RaggedRangeOp` in Tensoflow

TensorFlow is an open source platform for machine learning. The RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also...