7035 matches found
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannelGradient`
ImpactWhen tf.quantization.fakequantwithminmaxvarsperchannelgradient receives input min or max of rank other than 1, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfarg0=tf.random.uniformshape=1,1, dtype=tf.float32,...
TensorFlow vulnerable to `CHECK` fail in `AvgPoolGrad`
ImpactThe implementation of AvgPoolGrad does not fully validate the input originputshape. This results in a CHECK failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfksize = 1, 2, 2, 1strides = 1, 2, 2, 1padding = "VALID"dataformat = "NHWC"originputshape =...
TensorFlow vulnerable to `CHECK` fail in `AvgPoolGrad`
ImpactThe implementation of AvgPoolGrad does not fully validate the input originputshape. This results in a CHECK failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfksize = 1, 2, 2, 1strides = 1, 2, 2, 1padding = "VALID"dataformat = "NHWC"originputshape =...
TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`
ImpactIf LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfouttype = tf.int32sortedinputs = tf.constant, shape=10,0, dtype=tf.float32values =...
TensorFlow vulnerable to `CHECK` fail in `TensorListFromTensor`
ImpactWhen TensorListFromTensor receives an elementshape of a rank greater than one, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfarg0=tf.random.uniformshape=6, 6, 2, dtype=tf.bfloat16, maxval=Nonearg1=tf.random.uniformshape=6, 9, 1, 3,...
TensorFlow vulnerable to `CHECK` fail in `SetSize`
ImpactWhen SetSize receives an input setshape that is not a 1D tensor, it gives a CHECK fails that can be used to trigger a denial of service attack.pythonimport tensorflow as tfarg0=1arg1=1,1arg2=1arg3=Truearg4=''tf.rawops.SetSizesetindices=arg0, setvalues=arg1, setshape=arg2,...
TensorFlow vulnerable to segfault in `BlockLSTMGradV2`
ImpactThe implementation of BlockLSTMGradV2 does not fully validate its inputs. - wci, wcf, wco, b must be rank 1 - w, csprev, hprev must be rank 2 - x must be rank 3This results in a a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfusepeephole =...
TensorFlow vulnerable to `CHECK` fail in `SetSize`
ImpactWhen SetSize receives an input setshape that is not a 1D tensor, it gives a CHECK fails that can be used to trigger a denial of service attack.pythonimport tensorflow as tfarg0=1arg1=1,1arg2=1arg3=Truearg4=''tf.rawops.SetSizesetindices=arg0, setvalues=arg1, setshape=arg2,...
TensorFlow vulnerable to segfault in `LowerBound` and `UpperBound`
ImpactIf LowerBound or UpperBound is given an emptysortedinputs input, it results in a nullptr dereference, leading to a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfouttype = tf.int32sortedinputs = tf.constant, shape=10,0, dtype=tf.float32values =...
TensorFlow vulnerable to `CHECK` fail in `TensorListFromTensor`
ImpactWhen TensorListFromTensor receives an elementshape of a rank greater than one, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfarg0=tf.random.uniformshape=6, 6, 2, dtype=tf.bfloat16, maxval=Nonearg1=tf.random.uniformshape=6, 9, 1, 3,...
TensorFlow vulnerable to segfault in `BlockLSTMGradV2`
ImpactThe implementation of BlockLSTMGradV2 does not fully validate its inputs. - wci, wcf, wco, b must be rank 1 - w, csprev, hprev must be rank 2 - x must be rank 3This results in a a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfusepeephole =...
TensorFlow vulnerable to `CHECK` fail in `TensorListScatter` and `TensorListScatterV2`
ImpactWhen TensorListScatter and TensorListScatterV2 receive an elementshape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfarg0=tf.random.uniformshape=2, 2, 2, dtype=tf.float16, maxval=Nonearg1=tf.random.uniformshape=2,...
TensorFlow vulnerable to Int overflow in `RaggedRangeOp`
ImpactThe RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also throws an abort signal that crashes the...
TensorFlow vulnerable to `CHECK` failures in `FractionalAvgPoolGrad`
ImpactThe implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack.pythonimport tensorflow as tfoverlapping = Trueoriginputtensorshape =...
TensorFlow vulnerable to `CHECK` fail in `CollectiveGather`
ImpactWhen CollectiveGather receives an scalar input input, it gives a CHECK fails that can be used to trigger a denial of service attack.pythonimport tensorflow as tfarg0=1arg1=1arg2=1arg3=1arg4=3, 3,3arg5='auto'arg6=0arg7=''tf.rawops.CollectiveGatherinput=arg0, groupsize=arg1, groupkey=arg2,...
TensorFlow vulnerable to `CHECK` fail in `CollectiveGather`
ImpactWhen CollectiveGather receives an scalar input input, it gives a CHECK fails that can be used to trigger a denial of service attack.pythonimport tensorflow as tfarg0=1arg1=1arg2=1arg3=1arg4=3, 3,3arg5='auto'arg6=0arg7=''tf.rawops.CollectiveGatherinput=arg0, groupsize=arg1, groupkey=arg2,...
TensorFlow vulnerable to `CHECK` failures in `UnbatchGradOp`
ImpactThe UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program.pythonimport numpy as npimport tensorflow as tf id is not scalartf.rawops.UnbatchGradoriginalinput= tf.constant1,batchindex=tf.constant0,0,0 , ,...
TensorFlow vulnerable to `CHECK` failures in `FractionalAvgPoolGrad`
ImpactThe implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack.pythonimport tensorflow as tfoverlapping = Trueoriginputtensorshape =...
TensorFlow vulnerable to `CHECK` failures in `UnbatchGradOp`
ImpactThe UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program.pythonimport numpy as npimport tensorflow as tf id is not scalartf.rawops.UnbatchGradoriginalinput= tf.constant1,batchindex=tf.constant0,0,0 , ,...
TensorFlow vulnerable to `CHECK` failure in `TensorListReserve` via missing validation
ImpactIn core/kernels/listkernels.cc's TensorListReserve, numelements is assumed to be a tensor of size 1. When a numelements of more than 1 element is provided, then tf.rawops.TensorListReserve fails the CHECKEQ in CheckIsAlignedAndSingleElement.pythonimport tensorflow as...
TensorFlow vulnerable to Int overflow in `RaggedRangeOp`
ImpactThe RaggedRangOp function takes an argument limits that is eventually used to construct a TensorShape as an int64. If limits is a very large float, it can overflow when converted to an int64. This triggers an InvalidArgument but also throws an abort signal that crashes the...
TensorFlow vulnerable to `CHECK` failures in `AvgPool3DGrad`
ImpactThe implementation of AvgPool3DGradOp does not fully validate the input originputshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfksize = 1, 1, 1, 1, 1strides = 1, 1, 1, 1, 1padding =...
TensorFlow vulnerable to floating point exception in `Conv2D`
ImpactIf Conv2D is given empty input and the filter and padding sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as npwith tf.device"CPU": also can be...
TensorFlow vulnerable to `CHECK` failure in `TensorListReserve` via missing validation
ImpactIn core/kernels/listkernels.cc's TensorListReserve, numelements is assumed to be a tensor of size 1. When a numelements of more than 1 element is provided, then tf.rawops.TensorListReserve fails the CHECKEQ in CheckIsAlignedAndSingleElement.pythonimport tensorflow as...
TensorFlow vulnerable to `CHECK` fail in `DrawBoundingBoxes`
ImpactWhen DrawBoundingBoxes receives an input boxes that is not of dtype float, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as nparg0=tf.constantvalue=np.random.randomsize=1, 3, 2, 3, shape=1, 3, 2, 3,...
TensorFlow vulnerable to `CHECK` fail in `DrawBoundingBoxes`
ImpactWhen DrawBoundingBoxes receives an input boxes that is not of dtype float, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as nparg0=tf.constantvalue=np.random.randomsize=1, 3, 2, 3, shape=1, 3, 2, 3,...
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
ImpactEig can be fed an incorrect Tout input, resulting in a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as np arg0=tf.constantvalue=np.random.randomsize=2, 2, shape=2, 2, dtype=tf.float32arg1=tf.complex128arg2=Truearg3=''tf.rawops.Eiginput=arg...
TensorFlow vulnerable to `CHECK` failures in `AvgPool3DGrad`
ImpactThe implementation of AvgPool3DGradOp does not fully validate the input originputshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfksize = 1, 1, 1, 1, 1strides = 1, 1, 1, 1, 1padding =...
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
ImpactEig can be fed an incorrect Tout input, resulting in a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as np arg0=tf.constantvalue=np.random.randomsize=2, 2, shape=2, 2, dtype=tf.float32arg1=tf.complex128arg2=Truearg3=''tf.rawops.Eiginput=arg...
TensorFlow vulnerable to floating point exception in `Conv2D`
ImpactIf Conv2D is given empty input and the filter and padding sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as npwith tf.device"CPU": also can be...
TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef`
ImpactWhen mlir::tfg::GraphDefImporter::ConvertNodeDef tries to convert NodeDefs without an op name, it crashes.cppStatus GraphDefImporter::ConvertNodeDefOpBuilder , ConversionState , const NodeDef VLOG4 opdef; else auto it = functionopdefs.findnode.op; if it == functionopdefs.end return...
TensorFlow vulnerable to `CHECK` fail in `Unbatch`
ImpactWhen Unbatch receives a nonscalar input id, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as nparg0=tf.constantvalue=np.random.randomsize=3, 3, 1, dtype=tf.float64arg1=tf.constantvalue=np.random.randint0,100,size=3, 3, 1,...
TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef`
ImpactWhen mlir::tfg::GraphDefImporter::ConvertNodeDef tries to convert NodeDefs without an op name, it crashes.cppStatus GraphDefImporter::ConvertNodeDefOpBuilder , ConversionState , const NodeDef VLOG4 opdef; else auto it = functionopdefs.findnode.op; if it == functionopdefs.end return...
TensorFlow vulnerable to segfault in `Requantize`
ImpactIf Requantize is given inputmin, inputmax, requestedoutputmin, requestedoutputmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfouttype = tf.quint8input = tf.constant1, shape=3, dtype=tf.qint32inputmin...
TensorFlow vulnerable to `CHECK` fail in `Unbatch`
ImpactWhen Unbatch receives a nonscalar input id, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as nparg0=tf.constantvalue=np.random.randomsize=3, 3, 1, dtype=tf.float64arg1=tf.constantvalue=np.random.randint0,100,size=3, 3, 1,...
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
ImpactWhen mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference.cpp// Import the function attributes with a tf. prefix to match the current// infrastructure expectations.for const auto& namedAttr : func.attr const std::string& name = "tf."...
TensorFlow vulnerable to segfault in `Requantize`
ImpactIf Requantize is given inputmin, inputmax, requestedoutputmin, requestedoutputmax tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfouttype = tf.quint8input = tf.constant1, shape=3, dtype=tf.qint32inputmin...
TensorFlow vulnerable to null dereference on MLIR on empty function attributes
ImpactWhen mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference.cpp// Import the function attributes with a tf. prefix to match the current// infrastructure expectations.for const auto& namedAttr : func.attr const std::string& name = "tf."...
TensorFlow vulnerable to `CHECK` fail in `RandomPoissonV2`
ImpactWhen RandomPoissonV2 receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfarg0=tf.random.uniformshape=4,, dtype=tf.int32, maxval=65536arg1=tf.random.uniformshape=4, 4, 4, 4, 4, dtype=tf.float32,...
TensorFlow vulnerable to `CHECK` fail in `AudioSummaryV2`
ImpactWhen AudioSummaryV2 receives an input samplerate with more than one element, it gives a CHECK fails that can be used to trigger a denial of service attack.pythonimport tensorflow as tfarg0=''arg1=tf.random.uniformshape=1,1, dtype=tf.float32, maxval=Nonearg2=tf.random.uniformshape=2,1,...
TensorFlow vulnerable to `CHECK` fail in `AudioSummaryV2`
ImpactWhen AudioSummaryV2 receives an input samplerate with more than one element, it gives a CHECK fails that can be used to trigger a denial of service attack.pythonimport tensorflow as tfarg0=''arg1=tf.random.uniformshape=1,1, dtype=tf.float32, maxval=Nonearg2=tf.random.uniformshape=2,1,...
TensorFlow vulnerable to `CHECK` fail in `RandomPoissonV2`
ImpactWhen RandomPoissonV2 receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfarg0=tf.random.uniformshape=4,, dtype=tf.int32, maxval=65536arg1=tf.random.uniformshape=4, 4, 4, 4, 4, dtype=tf.float32,...
TensorFlow vulnerable to `CHECK` fail in `tf.random.gamma`
ImpactWhen tf.random.gamma receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfarg0=tf.random.uniformshape=4,, dtype=tf.int32, maxval=65536arg1=tf.random.uniformshape=4, 4, dtype=tf.float64,...
TensorFlow vulnerable to `CHECK` fail in `tf.random.gamma`
ImpactWhen tf.random.gamma receives large input shape and rates, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfarg0=tf.random.uniformshape=4,, dtype=tf.int32, maxval=65536arg1=tf.random.uniformshape=4, 4, dtype=tf.float64,...
TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs`
ImpactWhen tensorflow::fulltype::SubstituteFromAttrs receives a FullTypeDef& t that is not exactly three args, it triggers a CHECK-fail instead of returning a status.cppStatus SubstituteForEachAttrMap& attrs, FullTypeDef& t DCHECKEQt.argssize, 3; const auto& cont = t.args0; const auto& tmpl =...
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsGradient`
ImpactWhen tf.quantization.fakequantwithminmaxvarsgradient receives input min or max that is nonscalar, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as np arg0=tf.constantvalue=np.random.randomsize=2, 2, shape=2, 2,...
TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsGradient`
ImpactWhen tf.quantization.fakequantwithminmaxvarsgradient receives input min or max that is nonscalar, it gives a CHECK fail that can trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as np arg0=tf.constantvalue=np.random.randomsize=2, 2, shape=2, 2,...
TensorFlow vulnerable to null-dereference in `mlir::tfg::TFOp::nameAttr`
ImpactWhen mlir::tfg::TFOp::nameAttr receives null type list attributes, it crashes.cppStatusOr GraphDefImporter::ArgNumTypeconst NamedAttrList , const OpDef::ArgDef def, SmallVectorImpl // Check whether a type list attribute is specified. if !argdef.typelistattr.empty if auto v =...
TensorFlow vulnerable to assertion fail on MLIR empty edge names
ImpactWhen mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes.cpp// We pre-allocate the array of operands and populate it using the// outputnametoposition and controloutputtoposition populated// previously.SmallVector retvalsfunc.retsize +...
TensorFlow vulnerable to `CHECK` fail in `DenseBincount`
ImpactDenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tfbinaryoutput = Trueinput =...