431 matches found
CVE-2021-37692
CVE-2021-37692 affects TensorFlow and centers on a segfault in string tensor deallocation during garbage collection when the encoding of a string tensor fails (e.g., mismatched dimensions). The root cause is an assumption that encoding succeeded, leading to use of the finalizer of the tensor with...
CVE-2022-23578
TensorFlow vulnerability CVE-2022-23578 describes a memory leak: if a graph node is invalid, ImmutableExecutorState::Initialize can leak the previously allocated memory when item->kernel is reset to nullptr. The issue affects TensorFlow; the fix is planned for TensorFlow 2.8.0, with cherry-pic...
CVE-2022-29212
TensorFlow vulnerability CVE-2022-29212 affects TFLite model loading due to quantization scale handling. During quantization, values can have a scale > 1, but code assumed sub-unit scaling; this triggers a TFLITE_CHECK_LT assertion when QuantizeMultiplierSmallerThanOneExp is used, causing a cr...
CVE-2022-41898
TensorFlow CVE-2022-41898 causes a crash when SparseFillEmptyRowsGrad is given empty inputs. The issue was patched in commit af4a6a3c8b95022c351edae94560acc61253a1b8 and will be included in TensorFlow 2.11; the patch will also be cherry-picked to 2.10.1, 2.9.3, and 2.8.4, which are within the sup...
CVE-2021-29520
TensorFlow CVE-2021-29520 concerns a heap buffer overflow in Conv3DBackprop* due to missing validation that assumes input, filter_sizes, and out_backprop have identical shapes. Multiple sources (OSV entries and GHSA advisory) corroborate the issue and patch lineage. The vulnerability affects Conv...
CVE-2021-29601
TensorFlow/TFLite concatentation is vulnerable to an integer overflow in the TFLite kernel used for concatenation. The issue arises because TFLite uses int for tensor dimensions while TensorFlow uses int64, allowing crafted inputs where a concatenation dimension overflows an int. Public details i...
CVE-2021-37663
CVE-2021-37663 arises from incomplete validation in tf.raw_ops.QuantizeV2 in TensorFlow. Affected: TensorFlow versions before 2.6.0 (patch committed 6da6620...). The issue can trigger undefined behavior via binding a null pointer or out-of-bounds access; if axis is provided, min_range/max_range l...
CVE-2021-37686
CVE-2021-37686 – TensorFlow TFLite infinite loop in strided_slice . The issue is in the TFLite strided_slice implementation where the new ellipsis in axis definitions can cause ellipsis_end_idx to be smaller than i. This prevents the inner loop from advancing i, and a continued loop skips the out...
CVE-2022-23564
CVE-2022-23564 (TensorFlow) : The issue is a denial-of-service in TensorFlow caused by an invalidated CHECK assertion when decoding a resource handle tensor from protobuf, triggered by user-controlled arguments. Affected: TensorFlow (TF) processes; root cause is an assertion failure path during r...
CVE-2022-29196
CVE-2022-29196 applies to TensorFlow. Before versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, Conv3DBackpropFilterV2 does not fully validate input arguments, specifically not validating that filter_sizes is a vector. This triggers a CHECK failure and can be leveraged to cause a denial of service. The iss...
CVE-2022-36018
TensorFlow CVE-2022-36018 describes a denial-of-service risk in RaggedTensorToVariant when rt_nested_splits contains tensors with ranks other than one. The issue triggers a CHECK failure that can be exploited remotely to disrupt service. A fix was committed (88f93dfe691563baa4ae1e80ccde2d5c7a1438...
CVE-2022-41902
CVE-2022-41902 in TensorFlow describes an out-of-bounds read/crash caused by MakeGrapplerFunctionItem input-size handling. A GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7 fixes the issue, and the fix will be released in TensorFlow 2.11.0. The same patch has been cherry-picked to TensorFl...
CVE-2021-29573
CVE-2021-29573 concerns TensorFlow. The flaw is a division-by-zero in tf.raw_ops.MaxPoolGradWithArgmax caused by the implementation not validating the batch dimension is non-zero before dividing. The issue affects TensorFlow’s MaxPoolGradWithArgmax path and is addressed in the fix that will be in...
CVE-2021-37669
TensorFlow CVE-2021-37669 describes a denial-of-service in tf.raw_ops.NonMaxSuppressionV5 (and CombinedNonMaxSuppression) caused by an integer-to-unsigned conversion when resizing a std::vector with a user-controlled output_size. Negative output_size leads to a crash due to implicit conversion to...
CVE-2022-23585
CVE-2022-23585 refers to a memory-leak vulnerability in TensorFlow's PNG decoding path. After calling png::CommonInitDecode(..., &decode), allocated buffers may remain if an error path triggers OP_REQUIRES, and are not freed before function termination, creating a potential leak. The issue affect...
CVE-2022-29208
TensorFlow CVE-2022-29208: The tf.raw_ops.EditDistance implementation has incomplete validation, allowing crafted negative values to cause an out-of-bounds write and segmentation-fault based DoS. Affected versions are 2.6.4, 2.7.2, 2.8.1, and 2.9.0; patches exist and fixes are included in 2.9.0 (...
CVE-2022-36027
TensorFlow's CVE-2022-36027 affects the TFLite/TensorFlow converter path for per-channel quantized transposed convolutions, where converting these ops can segfault and crash the Python process. The issue has been patched in commit aa0b852a4588cea4d36b74feb05d93055540b450, with the fix slated for ...
CVE-2022-41911
CVE-2022-41911 affects TensorFlow; root cause is an undefined char-to-bool conversion when printing a tensor, leading to sanitizer/fuzzer crashes. Patch is in GitHub commit 1be74370327 and will be included in TensorFlow 2.11.0, with backports to 2.10.1, 2.9.3, and 2.8.4. Public detail confirms im...
CVE-2021-29600
Summary: CVE-2021-29600 concerns TensorFlow’s TFLite OneHot operator, where the division-by-zero arises from prefix_dim_size calculation when an indices dimension is 0. This is triggered by crafted models and affects multiple TensorFlow/TFLite release lines, with a fix planned for TensorFlow 2.5....
CVE-2021-37635
CVE-2021-37635 affects TensorFlow: heap out-of-bounds access in sparse reduction operations due to missing validation of reduction groups/indices. Patch committed (87158f43f05f2720a374f3e6d22a7aaa3a33f750) and fixes planned for TensorFlow 2.6.0, with cherry-picks for 2.5.1, 2.4.3, and 2.3.4. Publ...
CVE-2021-37662
CVE-2021-37662 stems from a TensorFlow vulnerability where a reference binding to nullptr in BoostedTreesCalculateBestGainsPerFeature and BoostedTreesCalculateBestFeatureSplitV2 may trigger undefined behavior due to input not being validated in stats_ops.cc. GitHub patches 9c87c32c7... and 429f00...
CVE-2021-37665
CVE-2021-37665 : TensorFlow vulnerable due to incomplete validation in MKL requantization (range per-channel and per-channel ops). The root cause is insufficient validation of input dimensions/arguments, allowing undefined behavior (binding a null pointer, heap out-of-bounds access). A patch was ...
CVE-2021-41197
CVE-2021-41197 concerns TensorFlow where treating large tensor shapes can overflow int64, causing a CHECK-failure abort during shape construction (notably in operations like tf.math.segment_, SparseCwise , and depthwise-related paths). The issue is addressed by upstream fixes, with the primary pa...
CVE-2021-41228
CVE-2021-41228 affects TensorFlow’s saved_model_cli, where user-supplied strings are passed to eval, enabling code injection. The vulnerability exists in affected TensorFlow releases’ saved_model_cli tool and can allow arbitrary code execution on the host where the CLI runs. Public documentation ...
CVE-2022-23575
TensorFlow vulnerability CVE-2022-23575 arises from an integer overflow in OpLevelCostEstimator::CalculateTensorSize when processing an operation with a very large tensor. The issue affects TensorFlow and was mitigated by a patch in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3 (...
CVE-2022-23590
CVE-2022-23590 affects TensorFlow. A maliciously altered GraphDef from a SavedModel can trigger a crash by calling ValueOrDie on an error StatusOr, crashing the TensorFlow process. Patches exist in GitHub commits and will be included in TensorFlow 2.8.0 and 2.7.1; remediation in practice is to up...
CVE-2022-29198
CVE-2022-29198 concerns TensorFlow’s tf.raw_ops.SparseTensorToCSRSparseMatrix, where input validation is incomplete for dense_shape and indices. This can trigger a CHECK failure, potentially enabling a denial of service. The issue is documented to affect TensorFlow versions prior to 2.9.0, 2.8.1,...
CVE-2022-29210
CVE-2022-29210 affects TensorFlow 2.8.0, where TensorKey's hash using AllocatedBytes() and tensor.data() can cause a heap-buffer/ASAN-related issue leading to a denial of service. The issue is patched in TensorFlow 2.9.0 and also back-ported to 2.8.1. IBM Watson Discovery bulletin and OSV entries...
CVE-2019-16778
CVE-2019-16778 : In TensorFlow before 1.15, a heap-based buffer overflow can occur in UnsortedSegmentSum when the Index template argument is int32. Data_size and num_segments are truncated from int64 to int32, potentially producing negative numbers and out-of-bounds memory access. The issue is de...
CVE-2021-29535
CVE-2021-29535 affects TensorFlow’s QuantizedMul implementation. The vulnerability arises when four quantization thresholds are passed as inputs and may be empty tensors, causing a heap buffer overflow by accessing .flat()(0) on an empty buffer. This is rooted in the code path in quantized_mul_op...
CVE-2021-29555
TensorFlow CVE-2021-29555 describes a denial-of-service vulnerability in tf.raw_ops.FusedBatchNorm caused by a division operation based on the last tensor dimension, which can be triggered by user-provided input. The issue affects the FusedBatchNorm path and has been patched; TensorFlow 2.5.0 wil...
CVE-2021-29566
TensorFlow: CVE-2021-29566 is a heap-out-of-bounds (OOB) access in tf.raw_ops.Dilation2DBackpropInput due to missing input validation. This can cause writes outside the heap during backprop, as per the OSV/GHSA entries. The issue is fixed in TensorFlow 2.5.0 with cherry-picks to 2.4.2, 2.3.3, 2.2...
CVE-2021-29570
CVE-2021-29570 affects TensorFlow and specifically the tf.raw_ops.MaxPoolGradWithArgmax path. The vulnerability is a heap out-of-bounds read caused by using the same value to index two different arrays without guaranteed equal sizes, leading to reads beyond heap data when provided crafted inputs....
CVE-2021-29574
CVE-2021-29574 concerns TensorFlow. The issue is an undefined behavior in tf.raw_ops.MaxPool3DGradGrad where inputs can be empty and trigger null-pointer dereferences due to lack of input validation in pooling_ops_3d.cc. Affected context includes TensorFlow versions in the 2.x line with planned f...
CVE-2021-29577
CVE-2021-29577 describes a heap-buffer-overflow in TensorFlow’s tf.raw_ops.AvgPool3DGrad caused by an assumption that orig_input_shape and grad have similar first/last dimensions without proper validation. Public sources (NVD, OSV, GHSA) confirm the issue and its impact as a memory corruption vul...
CVE-2021-37672
TensorFlow CVE-2021-37672 is a heap-based out-of-bounds read vulnerability in SdcaOptimizerV2 caused by not validating example_labels length against the number of examples. The issue is disclosed in GHSA-5HJ3-VJJF-F5M7 with a code example and fix details. Patches were applied in the GitHub commit...
CVE-2021-41208
CVE-2021-41208 involves TensorFlow boosted trees code with missing validation. The root cause is incomplete validation in boosted trees APIs, enabling a local attacker to trigger denial of service (via dereferencing null pointers or CHECK failures) and to cause undefined behavior (binding referen...
CVE-2022-21738
TensorFlow CVE-2022-21738 describes an integer overflow in SparseCountSparseOutput (kernels/count_ops.cc) that can crash a TensorFlow process when its result is used for memory allocation. The vulnerability affects TensorFlow releases including 2.5.3, 2.6.3, and 2.7.1, with a fix planned for Tens...
CVE-2022-35991
TensorFlow CVE-2022-35991 affects TensorListScatter and TensorListScatterV2 when element_shape has rank greater than one, triggering a CHECK failure that can lead to a denial of service. The issue is documented in OSV entries (BIT-TENSORFLOW-2022-35991) and related advisories, which confirm a pat...
CVE-2022-41891
CVE-2022-41891 (TensorFlow) : A segmentation fault occurs in tf.raw_ops.TensorListConcat when element_shape is []; this can trigger a denial-of-service. A patch was committed (fc33f3dc4c14051a83eec6535b608abe1d355fde) and will be included in TensorFlow 2.11. TensorFlow 2.10.1, 2.9.3, and 2.8.4 wi...
CVE-2021-29514
TensorFlow RaggedBincount vulnerability (CVE-2021-29514) in the RaggedBincount kernel can cause a heap out-of-bounds write when the splits argument references an invalid SparseTensor, leading to a write at out(-1, bin). The issue is triggered by setting splits(0) to 7, causing batch_idx to remain...
CVE-2021-29518
CVE-2021-29518 describes a vulnerability in TensorFlow where, in eager mode, session operations can dereference a null session_state pointer, leading to undefined behavior. Concrete details from connected documents show the root cause in tensor flow core/kernels/session_ops.cc, where ctx->sess...
CVE-2021-29541
CVE-2021-29541 : TensorFlow StringNGrams vulnerability — the implementation of data_splits is not fully validated, allowing a null pointer dereference when ngram computation leads to zero/negative output size. This can cause a crash (null pointer dereference) on affected TensorFlow builds. A fix ...
CVE-2021-29547
CVE-2021-29547 affects TensorFlow QuantizedBatchNormWithGlobalNormalization. The issue is a heap/out-of-bounds vulnerability caused by inputs being allowed to be empty; when any input is empty, flat()(0) accesses data outside of bounds, enabling a segfault/denial of service. Patches were applied ...
CVE-2021-29554
CVE-2021-29554 affects TensorFlow: DenseCountSparseOutput can cause a denial of service via a division-by-zero runtime error. Root cause is computing a divisor from user data without validating zero, yielding num_batch_elements = 0 and a divide operation. Affected TF releases are mitigated by a f...
CVE-2021-29556
CVE-2021-29556 affects TensorFlow cores with a Denial of Service via a division-by-first-dimension in tf.raw_ops.Reverse. The vulnerability arises because N = input.dim_size(0) is used to compute cost_per_unit, enabling a user-controlled trigger (through the tensor’s first dimension) to cause a F...
CVE-2021-29578
CVE-2021-29578 : TensorFlow’s tf.raw_ops.FractionalAvgPoolGrad is vulnerable to a heap-based buffer overflow caused by a missing validation of pooling sequence arguments against the out_backprop tensor shape. Multiple connected sources corroborate the issue and provide the same root cause. The mi...
CVE-2021-29596
CVE-2021-29596: TensorFlow/TFLite EmbeddingLookup suffers a division-by-zero in EmbeddingLookup when the first dimension of value is 0. Affected component is the TFLite operator in TensorFlow; root cause is a division by zero in embedding_lookup.cc. The documented fix is to include a patch in Ten...
CVE-2021-29608
TensorFlow CVE-2021-29608 maps to a RaggedTensorToTensor validation flaw: input checks only ensure one tensor is non-empty, enabling potential heap out-of-bounds/NULL dereference undefined behavior in release builds. Multiple sources (NVD, OSV/GHSA advisories) describe a local-attack surface lead...
CVE-2021-29616
CVE-2021-29616 affects TensorFlow: the TrySimplify path in Grappler dereferences a null pointer in corner cases (optimizing a node with no inputs). This is a null-dereference vulnerability in the TensorFlow optimization code, not a user-facing attack surface description. The issue has been fixed ...