Lucene search
K

58 matches found

CNVD
CNVD
added 2020/12/11 12:0 a.m.4 views

Google TensorFlow Denial of Service Vulnerability (CNVD-2021-00093)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a denial-of-service vulnerability that stems from the LSTM GRU layer receiving a zero-length input when using a CUDA backend, which results in a check failure. An...

4.4CVSS6.8AI score0.00166EPSS
Exploits0References1
OSV
OSV
added 2020/12/10 11:15 p.m.6 views

PYSEC-2020-301

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...

4.4CVSS5.9AI score0.00166EPSS
Exploits0References2
PyPA
PyPA
added 2020/12/10 11:15 p.m.7 views

PYSEC-2020-256

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...

4.4CVSS6.8AI score0.00166EPSS
Exploits0References2Affected Software1
PyPA
PyPA
added 2020/12/10 11:15 p.m.7 views

PYSEC-2020-336

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...

4.4CVSS6.8AI score0.00166EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/12/10 11:15 p.m.8 views

PYSEC-2020-256

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...

4.4CVSS5.9AI score0.00166EPSS
Exploits0References2
PyPA
PyPA
added 2020/12/10 11:15 p.m.7 views

PYSEC-2020-301

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...

4.4CVSS6.8AI score0.00166EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2020/12/10 10:10 p.m.2 views

CVE-2020-26270

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...

4.4CVSS6.9AI score0.00166EPSS
Exploits0
OSV
OSV
added 2020/12/10 7:7 p.m.1 views

GHSA-M648-33QF-V3GP CHECK-fail in LSTM with zero-length input in TensorFlow

Impact Running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer. Patches We have patched the...

4.8CVSS5.9AI score0.00166EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2020/12/10 12:0 a.m.10 views

PT-2020-16393 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.5 TensorFlow versions prior to 2.0.4 TensorFlow versions prior to 2.1.3 TensorFlow versions prior to 2.2.2 TensorFlow versions prior to 2.3.2 TensorFlow versions prior to 2.4.0 Description: In affected versio...

9.3CVSS5.8AI score0.00451EPSS
Exploits5References93
CNNVD
CNNVD
added 2020/12/10 12:0 a.m.8 views

Google TensorFlow 输入验证错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a denial-of-service vulnerability that stems from the LSTM GRU layer receiving a zero-length input when using a CUDA backend, which results in a check failure. An...

4.4CVSS5.8AI score0.00166EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2019/08/13 3:18 p.m.4 views

kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service

The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or have an unspecified othe...

7.8CVSS6.8AI score0.00428EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/10/30 12:5 p.m.3 views

kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service

The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or have an unspecified othe...

7.8CVSS6.8AI score0.00428EPSS
Exploits0References4
CNVD
CNVD
added 2017/12/22 12:0 a.m.8 views

Linux kernel denial of service vulnerability (CNVD-2017-37874)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A vulnerability exists in the Salsa20 encryption algorithm in versions of Linux kernel prior to 4.14.8, which arises from a program's failure to properly handle input ...

7.8CVSS6.2AI score0.00428EPSS
Exploits0References1
OSV
OSV
added 2017/12/20 11:29 p.m.2 views

DEBIAN-CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.8CVSS7.4AI score0.00428EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/12/20 12:0 a.m.10 views

PT-2017-15011 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.14.8 Description: The Salsa20 encryption algorithm in the Linux kernel does not correctly handle zero-length inputs. This allows a local attacker who can use the AF ALG-based skcipher interface to cause a deni...

10CVSS7.7AI score0.93838EPSS
Exploits103References548
OSV
OSV
added 2015/05/26 3:59 p.m.2 views

UBUNTU-CVE-2015-3808

The dissectlbmrpser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not reject a zero length, which allows remote attackers to cause a denial of service infinite loop via a crafted packet...

7.8CVSS6.4AI score0.02765EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/03/10 8:1 p.m.6 views

kernel: panic when submitting certain 0-length I/O requests

The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service panic via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix f...

4.7CVSS5.8AI score0.00405EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2005/05/11 8:40 a.m.6 views

security flaw

The isisprint function, as called by isoclnsprint, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service infinite loop via a zero length, as demonstrated using a GRE packet...

5CVSS5.9AI score0.10796EPSS
Exploits0References4
Rows per page
Query Builder