AI Sec Watch

TensorFlow's Grappler optimizer (the part of TensorFlow that improves how machine learning models run) has a bug where a variable called `dequeue_node` is never initialized if a saved model doesn't contain a specific type of operation called a `Dequeue` node. This uninitialized variable could cause the optimizer to behave unpredictably or crash.

TensorFlow, an open source platform for machine learning, has a vulnerability in the `SplitV` function where supplying negative arguments can cause a segfault (a crash from accessing invalid memory). The crash happens when the `size_splits` parameter contains multiple values with at least one being negative.

TensorFlow (an open source machine learning platform) has a vulnerability where shape inference code for certain operations can be tricked into accessing invalid memory through a heap buffer overflow (where a program writes data beyond the allocated memory space). This happens because the code doesn't verify that certain input parameters have the correct structure before using them.

TensorFlow, an open source platform for machine learning, had a memory leak and use-after-free bug (a mistake where the program tries to access data after it has already been deleted) in its `CollectiveReduceV2` function due to improper handling of asynchronous operations. The vulnerability was caused by objects being moved from memory while still being accessed elsewhere in the code.

TensorFlow (an open source platform for machine learning) contains a vulnerability in its shape inference function for the `Transpose` operation where negative values in the `perm` parameter can cause a heap buffer overflow (writing data outside the intended memory boundaries). The issue stems from insufficient validation of the indices in `perm` before they are processed.

TensorFlow, an open source machine learning platform, has a vulnerability in its `tf.function` API (a feature that converts Python functions into optimized operations) where mutually recursive functions (functions that call each other back and forth) can cause a deadlock using a non-reentrant Lock (a mechanism that prevents simultaneous access but doesn't allow the same thread to re-enter it). An attacker could cause a denial of service by tricking users into loading vulnerable models, though this scenario is uncommon.

TensorFlow, an open source machine learning platform, has a bug in its shape inference code for the `AllToAll` function that causes a division by zero error (when a value is divided by 0, causing the program to crash) whenever the `split_count` argument is set to 0. This vulnerability could allow an attacker to crash or disrupt a TensorFlow application.

TensorFlow (an open source platform for machine learning) has a bug where its convolution operators (mathematical functions that process data in neural networks) crash with a division by zero error when given empty filter tensors (arrays of parameters). This vulnerability affects multiple versions of TensorFlow.

TensorFlow's boosted trees code (a machine learning feature for building multiple decision trees together) lacks proper input validation, allowing attackers to crash the system (denial of service, where a service becomes unavailable), read sensitive data from memory, or write malicious data to memory buffers. The TensorFlow developers recommend stopping use of these APIs since the boosted trees code is no longer actively maintained.