CVE-2023-25675

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. When running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. PoC import tensorflow as tf func = tf.rawops.Bincount...

AZL-31212 CVE-2023-25675 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...

GHSA-7X4V-9GXG-9HWJ TensorFlow has Segfault in Bincount with XLA

Impact When running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. python import tensorflow as tf func = tf.rawops.Bincount para='arr': 6, 'size': 804, 'weights': 52, 351 @tf.functionjitcompile=True def...

GHSA-W62H-8XJM-FV49 TensorFlow vulnerable to `CHECK` fail in `DenseBincount`

Impact DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. python import tensorflow as tf binaryoutput = True input =...