431 matches found
CVE-2021-29523
CVE-2021-29523 : TensorFlow vulnerability where a crafted input for AddManySparseToTensorsMap can trigger a denial-of-service via a CHECK failure in TensorShapeInitDims when sparse_shape values overflow. Root cause: legacy TensorShapeBase constructor multiplies dimensions with potential overflow,...
CVE-2021-29534
TensorFlow vulnerability CVE-2021-29534 concerns a CHECK-fail in tf.raw_ops.SparseConcat caused by using shapes[0] to define the output shape, leading to a denial of service via overflow in TensorShape initialization. Affected behavior occurs when shape dimensions are overflowed during InitDims/A...
CVE-2021-37638
CVE-2021-37638 : TensorFlow vulnerable to a NULL pointer dereference in the RaggedTensorToTensor path caused by sending an empty row_partition_types list. The issue stems from accessing the first element of a user-supplied list without validating non-emptiness. A patch was applied in GitHub commi...
CVE-2021-37647
CVE-2021-37647 describes a null pointer dereference in TensorFlow’s tf.raw_ops.SparseTensorSliceDataset when creating an empty sparse tensor with mismatched indices/values. The description specifies that validation exists but can dereference a null pointer if indices are empty, leading to a crash...
CVE-2021-37649
CVE-2021-37649 describes a null pointer dereference in tf.raw_ops.UncompressElement within TensorFlow. The issue arises when a Variant tensor does not actually contain a CompressedElement, leading to a nullptr dereference during decompression. A patch has been applied in GitHub commit 7bdf50bb4f5...
CVE-2021-41219
TensorFlow SparseMatMul contains undefined behavior by binding a reference to nullptr when either input dimension is 0 or less, risking heap OOB writes. The issue affects TensorFlow releases prior to the fix and is documented across multiple advisories (OSV, GHSA) with specific commit e6cf28c7 an...
CVE-2021-41223
CVE-2021-41223 describes a heap out-of-bounds (OOB) access in TensorFlow's FusedBatchNorm kernels in affected releases. The vulnerability affects the FusedBatchNorm implementation; the fix is planned for TensorFlow 2.7.0, with cherry-picks to 2.6.1, 2.5.2, and 2.4.4 (still in supported range). Mu...
CVE-2022-35937
TensorFlow Lite GatherNd contains an out-of-bounds read when input indices can exceed output sizes. The issue is fixed via patch 595a65a3e224a0362d7e68c2213acfc2b499a196, with the fix planned for TensorFlow 2.10.0 and cherry-picks for 2.9.1, 2.8.1, and 2.7.2 (all in the supported range). There ar...
CVE-2022-35996
TensorFlow’s CVE-2022-35996 describes a DoS due to a division-by-zero in Conv2D when given an empty input with valid filter/padding, producing all-zeros output. The issue was patched in the GitHub commit 611d80db29dd7b0cfb755772c69d60ae5bca05f9, and the fix is scheduled for TensorFlow 2.10.0. Mai...
CVE-2022-41886
CVE-2022-41886 affects TensorFlow. The vulnerability occurs in the operator tf.raw_ops.ImageProjectiveTransformV2 when it outputs a large shape, causing an overflow. A patch is in the GitHub commit 8faa6ea692985dbe6ce10e1a3168e0bd60a723ba and the fix will be included in TensorFlow 2.11; TensorFlo...
CVE-2020-15199
Summary: TensorFlow prior to 2.3.1 contains a bug in RaggedCountSparseOutput where input ragged tensors are not validated for proper splits; an empty or single-element splits can trigger a SIGABRT due to an initialization bound. Root cause: lack of validation in RaggedCountSparseOutput when formi...
CVE-2020-15213
CVE-2020-15213 affects TensorFlow Lite prior to 2.2.1 and 2.3.1. The vulnerability arises in the segment_sum implementation: models that use segment sums can trigger a denial of service by causing an out-of-memory allocation. The root cause is that code uses the last element of the segment_ids te...
CVE-2021-29595
TensorFlow/TFLite: DepthToSpace division-by-zero in the DepthToSpace TFLite operator. A model with block_size = 0 triggers a fault in the calculation of output_channels, per the cited code path. A fix is planned for TensorFlow 2.5.0, with cherry-picks to 2.4.2, 2.3.3, 2.2.3, and 2.1.4 (still in s...
CVE-2021-29607
CVE-2021-29607 is tied to TensorFlow’s SparseAdd validation. The issue arises from incomplete validation of sparse tensor inputs (not checking emptiness or second-dimension_matches size), enabling potential undefined behavior such as null pointer dereferences and heap-out-of-bounds writes. The vu...
CVE-2021-37637
CVE-2021-37637 is a TensorFlow null pointer dereference in tf.raw_ops.CompressElement triggered by invalid input. The issue occurred when code accessed a buffer size before validating the buffer, and has been patched in GitHub commit 5dc7f6981fdaf74c8c5be41f393df705841fb7c5. The fix will be in Te...
CVE-2021-37646
CVE-2021-37646 affects TensorFlow: the StringNGrams implementation can overflow when converting a negative, signed ngram_width to an unsigned size during a reserve call, enabling a potential denial-of-service condition. The root cause is a signed-to-unsigned conversion in TF’s string buffer alloc...
CVE-2021-37664
TensorFlow vulnerability CVE-2021-37664: a heap out-of-bounds read can be triggered in BoostedTreesSparseCalculateBestFeatureSplit by sending illegal values to stats_summary_indices. The issue stems from insufficient validation in the boosted trees code path. A patch was committed (e84c9753...) a...
CVE-2021-41205
CVE-2021-41205 covers a heap-out-of-bounds read in TensorFlow’s QuantizeAndDequantizeV* shape inference paths. Affected TF releases allow reads beyond heap bounds, with a fix planned for TensorFlow 2.7.0 and cherry-picks back to 2.6.1, 2.5.2, and 2.4.4. Related advisories (OSV-BIT-TENSORFLOW-2021...
CVE-2022-35988
TensorFlow CVE-2022-35988 is a denial-of-service issue triggered when tf.linalg.matrix_rank receives an empty input; the GPU kernel can fail with a CHECK error. A patch was committed (c55b476aa0e0bd4ee99d0f3ad18d9d706cd1260a) and the fix is slated for TensorFlow 2.10.0, with cherry-picks to 2.9.1...
CVE-2022-41884
CVE-2022-41884 affects TensorFlow. A numpy array has a shape where one element is zero and the others sum to a large number, triggering an error. The issue has been fixed in commit 2b56169c16e375c521a3bc8ea658811cc0793784 and will be included in TensorFlow 2.11; the fix will also be cherry-picked...
CVE-2018-7577
CVE-2018-7577 affects the Snappy library (1.1.4) as used by Google TensorFlow prior to 1.7.1. The vulnerability stems from memcpy parameter overlap, which can cause a crash or allow reading from other parts of process memory. Exploitation details are not provided in the documents. Practical impac...
CVE-2020-15197
TensorFlow prior to 2.3.1 is affected by CVE-2020-15197 due to a validation gap in SparseCountSparseOutput: the indices tensor is not checked to be rank 2, though code treats it as a matrix. This can allow crafted input sparse tensors to cause a CHECK failure and crash, enabling denial of service...
CVE-2021-29590
TensorFlow/TFLite Minimum and Maximum operators are vulnerable to a heap-based out-of-bounds read when either input tensor is empty, due to broadcasting code indexing both tensors without bounds validation. The issue affects TF/TFLite, with fixes planned for TensorFlow 2.5.0 and cherry-picked bac...
CVE-2021-29592
Summary: CVE-2021-29592 is a null pointer dereference in TensorFlow’s TFLite Reshape operator. The issue arises when the target shape is supplied by a 1-D tensor; a fix previously for CVE-2020-15209 was incomplete, potentially allowing a null buffer to be treated as valid input for a 1-D shape, l...
CVE-2021-37651
TensorFlow: The FractionalAvgPoolGrad path has a heap-based buffer overflow when handling empty inputs, caused by not validating that the input tensor is non-empty. The implementation constructs an empty EigenDoubleMatrixMap and accesses out-of-bounds buffers. A patch was committed (0f931751fb20f...
CVE-2021-37688
CVE-2021-37688 is a TensorFlow/TFLite vulnerability describing a null pointer dereference in TFLite kernels (implemented in optimized_ops.h) that can crash the process and cause denial of service when processing a crafted TFLite model. The issue is a local condition, with the vulnerable path unco...
CVE-2022-36001
TensorFlow DrawBoundingBoxes input validation issue (CVE-2022-36001): when boxes is not dtype float, a CHECK failure can trigger a denial of service. Patch is in GitHub commit da0d65cdc1270038e72157ba35bf74b85d9bda11; fix will be in TensorFlow 2.10.0, with cherry-picks to 2.9.1, 2.8.1 and 2.7.2. ...
CVE-2018-8825
CVE-2018-8825 affects Google TensorFlow 1.7 and earlier, with a buffer overflow that can lead to local code execution. Multiple connected advisories corroborate a buffer‑overflow issue related to TensorFlow components (e.g., TOCO handling of TFLite graphs in the same family). The provided documen...
CVE-2021-37636
CVE-2021-37636 concerns TensorFlow with a vulnerability in tf.raw_ops.SparseDenseCwiseDiv where division by zero can occur due to how a shared binary-ops class handles this case. The issue affects affected TensorFlow versions and has been addressed by patching the underlying code in a GitHub comm...
CVE-2021-41200
CVE-2021-41200 concerns TensorFlow’s tf.summary.create_file_writer: when called with non-scalar arguments, affected builds can crash due to a CHECK failure. The provided documents specify the issue in TensorFlow’s open-source code path and confirm a fix in TensorFlow 2.7.0, with cherry-picks to o...
CVE-2022-23594
TensorFlow MLIR/TFG GraphDef handling flaw: if a SavedModel is on disk with altered format, conversion to the MLIR-based IR can crash the Python interpreter and may enable heap out-of-bounds reads. Affected scope includes the MLIR import path and associated GraphDef assumptions; exploitation deta...
CVE-2022-35983
CVE-2022-35983 affects TensorFlow. When calling Save or SaveSlices on tensors with an unsupported dtype, a CHECK failure can be triggered, potentially enabling a denial-of-service. The issue is fixed in the GitHub commit 5dd7b86b84a864b834c6fa3d7f9f51c87efa99d4 and will be included in TensorFlow ...
CVE-2021-41195
TensorFlow CVE-2021-41195 affects tf.math.segment_* implementations; large segment_ids can trigger a CHECK failure and abort due to int64 overflow when computing output shapes. Vulnerable CPU/GPU paths use AddDim, with AddDimWithStatus needed to prevent overflow. The fix is planned for TensorFlow...
CVE-2021-41198
CVE-2021-41198 affects TensorFlow where calling tf.tile with very large inputs can trigger a CHECK failure due to int64 overflow, crashing the process. The issue is rooted in the tile operation’s handling of output size and overflow detection. Remediation is available: TensorFlow 2.7.0 includes t...
CVE-2021-41212
TensorFlow ragged.cross shape inference has a heap-based out-of-bounds read in affected releases prior to 2.7.0. The fix is in TensorFlow 2.7.0, with cherry-picks to 2.6.1, 2.5.2, and 2.4.4. Upgrade to 2.7.0+ or apply the patches to mitigate ICU/heap corruption risk. Other CVE trackers (OSV, GHSA...
CVE-2021-41226
TensorFlow SparseBinCount is affected by a heap out-of-bounds (OOB) access due to missing validation between the values and the sparse output shape. Reports in CVE-2021-41226 and related advisories identify this as the root cause in affected TF versions. The fix is planned for TensorFlow 2.7.0, w...
CVE-2022-35965
TensorFlow (CVE-2022-35965) is affected by a NULL pointer dereference in LowerBound/UpperBound when given an empty sorted_inputs, causing a segmentation fault that can lead to a denial of service. The issue affects TensorFlow releases in the affected range and has been patched in commit bce3717ea...
CVE-2022-36012
TensorFlow vulnerability CVE-2022-36012: when mlir::tfg::ConvertGenericFunctionToFunctionDef processes empty function attributes, TensorFlow crashes. A patch (commit ad069af92392efee1418c48ff561fd3070a03d7b) fixes the issue and will be included in TensorFlow 2.10.0, with cherry-picks to 2.9.1, 2....
CVE-2018-21233
TensorFlow
CVE-2020-15201
CVE-2020-15201 : TensorFlow before 2.3.1 contains a bounds-checking flaw in RaggedCountSparseOutput, where input ragged-tensor validation is missing. Specifically, values in the splits tensor may not form a valid partitioning of values, risking a heap-based buffer overflow if split_values does no...
CVE-2021-29553
TensorFlow vulnerability CVE-2021-29553 involves a heap-based out-of-bounds read in tf.raw_ops.QuantizeAndDequantizeV3 caused by not validating the user-supplied axis before indexing the input. Affected TensorFlow versions are in the 2.x range, with a fix planned for TensorFlow 2.5.0 and cherry-p...
CVE-2021-37655
CVE-2021-37655 describes a heap-based read out of bounds in TensorFlow caused by incomplete validation when updating a resource with tf.raw_ops.ResourceScatterUpdate. The issue stems from validating the relationship between the shapes of indices and updates (only divisibility checked instead of p...
CVE-2021-41196
CVE-2021-41196 affects TensorFlow (Keras pooling layers). In affected builds, pooling operations can segfault when pool size is 0 or a dimension is negative because values in the sliding window are not checked to be strictly positive. The issue is tied to TensorFlow’s pooling implementation, with...
CVE-2021-41215
CVE-2021-41215 affects TensorFlow: the shape inference for DeserializeSparse can trigger a null pointer dereference when the serialize_sparse tensor has positive rank (last dimension 3). A fix is available in TensorFlow 2.7.0, with cherry-picks for 2.6.1, 2.5.2, and 2.4.4. Remediation: upgrade to...
CVE-2022-36000
CVE-2022-36000 describes a null pointer dereference in TensorFlow when mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes. Affected TF versions include 2.7.2, 2.8.1, 2.9.1 (and beyond) within the supported range; the issue has been patched in commit aed36912609fc072...
CVE-2021-37641
No public technical details are provided in the supplied documents; monitor for updates.
CVE-2021-37653
TensorFlow Cortex: CVE-2021-37653 affects TensorFlow’s tf.raw_ops.ResourceGather. The issue stems from computing batch_size and dividing by it without validating 0, causing a local crash (denial of service). A patch exists in GitHub commit ac117ee8a8ea57b73d34665cdf00ef3303bc0b11 and should be in...
CVE-2021-41202
The CVE-2021-41202 family describes an overflow in TensorFlow's tf.range kernel caused by a conditional int64 = condition ? int64 : double, where implicit C++ casting to double truncates the result. Affected are TF releases in the 2.4.x–2.7.x range (including 2.7.0 and cherry-picks to 2.6.1, 2.5....
CVE-2021-41209
CVE-2021-41209 affects TensorFlow: in affected versions, convolution operator implementations may trigger a division by zero when given empty filter tensor arguments. The issue is fixed in TensorFlow 2.7.0, with cherry-picks to 2.6.1, 2.5.2, and 2.4.4 in scope. Affected products/versions include ...
CVE-2021-41210
TensorFlow vulnerability CVE-2021-41210 (BIT-TENSORFLOW-2021-41210) is a heap-based out-of-bounds read in SparseCountSparseOutput shape inference. Affected TF versions permit reading outside heap memory during shape inference of SparseCountSparseOutput. A fix is planned for TensorFlow 2.7.0, with...