7035 matches found
TensorFlow has Null Pointer Error in LookupTableImportV2
ImpactThe function tf.rawops.LookupTableImportV2 cannot handle scalars in the values parameter and gives an NPE.pythonimport tensorflow as tfv = [email protected]=Truedef test: func = tf.rawops.LookupTableImportV2 para='tablehandle': v.handle,'keys': 62.98910140991211,...
TensorFlow has segmentation fault in tfg-translate
ImpactOut-of-bounds access due to mismatched integer type sizes in ValueMap::Manager::GetValueOrCreatePlaceholder. Bug with tfg-translate call to InitMlir. The problem happens with generic functions, as it is already handled for non-generic functions. This is because they, unlike non-generic...
TensorFlow has Null Pointer Error in RandomShuffle with XLA enable
ImpactNPE in RandomShuffle with XLA enable pythonimport tensorflow as tffunc = tf.rawops.RandomShufflepara = 'value': 1e+20, 'seed': -4294967297, 'seed2': [email protected]=Truedef test: y = funcpara return ytest PatchesWe have patched the issue in GitHub commit...
TensorFlow has Null Pointer Error in RandomShuffle with XLA enable
ImpactNPE in RandomShuffle with XLA enable pythonimport tensorflow as tffunc = tf.rawops.RandomShufflepara = 'value': 1e+20, 'seed': -4294967297, 'seed2': [email protected]=Truedef test: y = funcpara return ytest PatchesWe have patched the issue in GitHub commit...
TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize
ImpactNPE in QuantizedMatMulWithBiasAndDequantize with MKL enable pythonimport tensorflow as tffunc = tf.rawops.QuantizedMatMulWithBiasAndDequantizepara='a': tf.constant138, dtype=tf.quint8, 'b': tf.constant4, dtype=tf.qint8, 'bias': 31.81644630432129, 47.21876525878906, 109.95201110839844,...
TensorFlow has Segfault in Bincount with XLA
ImpactWhen running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor.pythonimport tensorflow as tffunc = tf.rawops.Bincountpara='arr': 6, 'size': 804, 'weights': 52, [email protected]=Truedef fuzzjit...
TensorFlow has Null Pointer Error in LookupTableImportV2
ImpactThe function tf.rawops.LookupTableImportV2 cannot handle scalars in the values parameter and gives an NPE.pythonimport tensorflow as tfv = [email protected]=Truedef test: func = tf.rawops.LookupTableImportV2 para='tablehandle': v.handle,'keys': 62.98910140991211,...
TensorFlow has Floating Point Exception in TFLite in conv kernel
ImpactConstructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. PatchesWe have patched the issue in GitHub commit 34f8368c535253f5c9cb3a303297743b62442aaa.The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1. For...
TensorFlow has Segfault in Bincount with XLA
ImpactWhen running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor.pythonimport tensorflow as tffunc = tf.rawops.Bincountpara='arr': 6, 'size': 804, 'weights': 52, [email protected]=Truedef fuzzjit...
TensorFlow has double free in Fractional(Max/Avg)Pool
Impactnnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported.pythonimport tensorflow as tfimport osimport numpy as npfrom tensorflow.python.ops...
TensorFlow has null dereference on ParallelConcat with XLA
ImpactWhen running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero.pythonimport tensorflow as tffunc = tf.rawops.ParallelConcatpara = 'shape': 0, 'values': [email protected]=Truedef test: y = funcpa...
TensorFlow has Floating Point Exception in TFLite in conv kernel
ImpactConstructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. PatchesWe have patched the issue in GitHub commit 34f8368c535253f5c9cb3a303297743b62442aaa.The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1. For...
TensorFlow has null dereference on ParallelConcat with XLA
ImpactWhen running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero.pythonimport tensorflow as tffunc = tf.rawops.ParallelConcatpara = 'shape': 0, 'values': [email protected]=Truedef test: y = funcpa...
TensorFlow has double free in Fractional(Max/Avg)Pool
Impactnnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported.pythonimport tensorflow as tfimport osimport numpy as npfrom tensorflow.python.ops...
TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad
ImpactOut of bounds read in GRUBlockCellGradpythonfunc = tf.rawops.GRUBlockCellGradpara = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1, 0.2 , dtype=float32, 'bc': 0x41414141, 'r': array0.3, 0....
TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad
ImpactOut of bounds read in GRUBlockCellGradpythonfunc = tf.rawops.GRUBlockCellGradpara = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1, 0.2 , dtype=float32, 'bc': 0x41414141, 'r': array0.3, 0....
Tensorflow vulnerable to Out-of-Bounds Read
ImpactWhen the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs.pythontf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 PatchesWe have...
Tensorflow vulnerable to Out-of-Bounds Read
ImpactWhen the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs.pythontf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 PatchesWe have...
Invalid char to bool conversion when printing a tensor
ImpactWhen printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. PatchesWe have patched the issue ...
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, a...
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, a...
Heap overflow in `QuantizeAndDequantizeV2`
ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.pythonimport tensorflow as [email protected] test:...
Heap overflow in `QuantizeAndDequantizeV2`
ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.pythonimport tensorflow as [email protected] test:...
`CHECK_EQ` fail via input in `SparseMatrixNNZ`
ImpactAn input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ.pythonimport tensorflow as tftf.rawops.SparseMatrixNNZsparsematrix= PatchesWe have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693.The fix...
Overflow in `ResizeNearestNeighborGrad`
ImpactWhen tf.rawops.ResizeNearestNeighborGrad is given a large size input, it overflows.import tensorflow as tfaligncorners = Truehalfpixelcenters = Falsegrads = tf.constant1, shape=1,8,16,3, dtype=tf.float16size = tf.constant1879048192,1879048192, shape=2,...
Out of bounds write in grappler in Tensorflow
ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. PatchesWe have patched the issue in GitHub commit...
Segfault in `CompositeTensorVariantToComponents`
ImpactAn input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents.pythonimport tensorflow as tfencode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2meta=...
`CHECK` fail via inputs in `PyFunc`
ImpactAn input token that is not a UTF-8 bytestring will trigger a CHECK fail in tf.rawops.PyFunc.pythonimport tensorflow as tfvalue = tf.constantvalue=1,2token = b'\xb0'dataType = tf.int32tf.rawops.PyFuncinput=value,token=token,Tout=dataType PatchesWe have patched the issue in GitHub commit...
Overflow in `ResizeNearestNeighborGrad`
ImpactWhen tf.rawops.ResizeNearestNeighborGrad is given a large size input, it overflows.import tensorflow as tfaligncorners = Truehalfpixelcenters = Falsegrads = tf.constant1, shape=1,8,16,3, dtype=tf.float16size = tf.constant1879048192,1879048192, shape=2,...
Segfault in `CompositeTensorVariantToComponents`
ImpactAn input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents.pythonimport tensorflow as tfencode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2meta=...
`CHECK` fail via inputs in `PyFunc`
ImpactAn input token that is not a UTF-8 bytestring will trigger a CHECK fail in tf.rawops.PyFunc.pythonimport tensorflow as tfvalue = tf.constantvalue=1,2token = b'\xb0'dataType = tf.int32tf.rawops.PyFuncinput=value,token=token,Tout=dataType PatchesWe have patched the issue in GitHub commit...
Out of bounds write in grappler in Tensorflow
ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. PatchesWe have patched the issue in GitHub commit...
FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess
ImpactAn input poolingratio that is smaller than 1 will trigger a heap OOB in tf.rawops.FractionalMaxPool and tf.rawops.FractionalAvgPool. PatchesWe have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48.The fix will be included in TensorFlow 2.11.0. We will also cherry...
`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`
ImpactIf SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.SparseFillEmptyRowsGrad reverseindexmap=, gradvalues=, name=None PatchesWe have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8.The fix will be included...
`CHECK` fail via inputs in `SdcaOptimizer`
ImpactInputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer.pythonimport tensorflow as tftf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...
`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`
ImpactIf SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.SparseFillEmptyRowsGrad reverseindexmap=, gradvalues=, name=None PatchesWe have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8.The fix will be included...
FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess
ImpactAn input poolingratio that is smaller than 1 will trigger a heap OOB in tf.rawops.FractionalMaxPool and tf.rawops.FractionalAvgPool. PatchesWe have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48.The fix will be included in TensorFlow 2.11.0. We will also cherry...
`CHECK_EQ` fail via input in `SparseMatrixNNZ`
ImpactAn input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ.pythonimport tensorflow as tftf.rawops.SparseMatrixNNZsparsematrix= PatchesWe have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693.The fix...
`CHECK` fail via inputs in `SdcaOptimizer`
ImpactInputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer.pythonimport tensorflow as tftf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...
`MirrorPadGrad` heap out of bounds read
ImpactIf MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error.pythonimport tensorflow as tftf.rawops.MirrorPadGradinput=1, paddings=0x77f00000,0xa000000, mode = 'REFLECT' PatchesWe have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92.The...
`FractionalMaxPoolGrad` Heap out of bounds read
ImpactIf FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...
`tf.raw_ops.Mfcc` crashes
ImpactIf ThreadUnsafeUnigramCandidateSampler is given input filterbankchannelcount greater than the allowed max size, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.Mfcc spectrogram = 1.38, 6.32, 5.75, 9.51, samplerate = 2, upperfrequencylimit = 5.0, lowerfrequencylimit = 1.0,...
`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`
ImpactIf tf.rawops.TensorListResize is given a nonscalar value for input size, it results CHECK fail which can be used to trigger a denial of service attack.pythonimport numpy as npimport tensorflow as tfa = datastructures.tftensorlistnewelements = tf.constantvalue=3, 4, 5b = np.zeros0, 2, 3,...
Segfault in `tf.raw_ops.TensorListConcat`
ImpactIf tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack.pythonimport tensorflow as tftf.rawops.TensorListConcat inputhandle=tf.data.experimental.tovarianttf.data.Dataset.fromtensorslices1, 2, 3,...
`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`
ImpactIf tf.rawops.TensorListResize is given a nonscalar value for input size, it results CHECK fail which can be used to trigger a denial of service attack.pythonimport numpy as npimport tensorflow as tfa = datastructures.tftensorlistnewelements = tf.constantvalue=3, 4, 5b = np.zeros0, 2, 3,...
Segfault in `tf.raw_ops.TensorListConcat`
ImpactIf tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack.pythonimport tensorflow as tftf.rawops.TensorListConcat inputhandle=tf.data.experimental.tovarianttf.data.Dataset.fromtensorslices1, 2, 3,...
`tf.raw_ops.Mfcc` crashes
ImpactIf ThreadUnsafeUnigramCandidateSampler is given input filterbankchannelcount greater than the allowed max size, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.Mfcc spectrogram = 1.38, 6.32, 5.75, 9.51, samplerate = 2, upperfrequencylimit = 5.0, lowerfrequencylimit = 1.0,...
`MirrorPadGrad` heap out of bounds read
ImpactIf MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error.pythonimport tensorflow as tftf.rawops.MirrorPadGradinput=1, paddings=0x77f00000,0xa000000, mode = 'REFLECT' PatchesWe have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92.The...
`FractionalMaxPoolGrad` Heap out of bounds read
ImpactIf FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...
Segfault via invalid attributes in `pywrap_tfe_src.cc`
ImpactIf a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors as input ksizes.pythonimport numpy as npimport...