58 matches found
Google TensorFlow Denial of Service Vulnerability (CNVD-2021-00093)
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a denial-of-service vulnerability that stems from the LSTM GRU layer receiving a zero-length input when using a CUDA backend, which results in a check failure. An...
PYSEC-2020-301
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...
PYSEC-2020-256
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...
PYSEC-2020-336
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...
PYSEC-2020-256
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...
PYSEC-2020-301
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...
CVE-2020-26270
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer...
GHSA-M648-33QF-V3GP CHECK-fail in LSTM with zero-length input in TensorFlow
Impact Running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer. Patches We have patched the...
PT-2020-16393 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 1.15.5 TensorFlow versions prior to 2.0.4 TensorFlow versions prior to 2.1.3 TensorFlow versions prior to 2.2.2 TensorFlow versions prior to 2.3.2 TensorFlow versions prior to 2.4.0 Description: In affected versio...
Google TensorFlow 输入验证错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a denial-of-service vulnerability that stems from the LSTM GRU layer receiving a zero-length input when using a CUDA backend, which results in a check failure. An...
kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service
The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or have an unspecified othe...
kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service
The Salsa20 encryption algorithm in the Linux kernel, before 4.14.8, does not correctly handle zero-length inputs. This allows a local attacker the ability to use the AFALG-based skcipher interface to cause a denial of service uninitialized-memory free and kernel crash or have an unspecified othe...
Linux kernel denial of service vulnerability (CNVD-2017-37874)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A vulnerability exists in the Salsa20 encryption algorithm in versions of Linux kernel prior to 4.14.8, which arises from a program's failure to properly handle input ...
DEBIAN-CVE-2017-17805
The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...
PT-2017-15011 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.14.8 Description: The Salsa20 encryption algorithm in the Linux kernel does not correctly handle zero-length inputs. This allows a local attacker who can use the AF ALG-based skcipher interface to cause a deni...
UBUNTU-CVE-2015-3808
The dissectlbmrpser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not reject a zero length, which allows remote attackers to cause a denial of service infinite loop via a crafted packet...
kernel: panic when submitting certain 0-length I/O requests
The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service panic via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix f...
security flaw
The isisprint function, as called by isoclnsprint, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service infinite loop via a zero length, as demonstrated using a GRE packet...