AI Sec Watch

TensorFlow, a machine learning platform, has a vulnerability (CVE-2021-41206) where certain operations don't properly check the size and dimensions of tensor arguments (the numerical arrays that machine learning models process). This missing validation can cause crashes, memory corruption (reads and writes to unintended memory locations), or other undefined behavior depending on which operation is affected.

TensorFlow, an open source platform for machine learning, has a bug in its `tf.range` function where a conditional statement mixes two different number types (int64, a large integer type, and double, a decimal number type). Due to how C++ automatically converts between these types, the calculation overflows (produces incorrect results that are too large to store). This causes the output size calculation to fail.

TensorFlow, an open source platform for machine learning, has a vulnerability in its `SparseBinCount` function that allows heap OOB access (out-of-bounds memory access, where a program reads data outside the memory it's allowed to use) because it doesn't validate that the `values` argument matches the shape of the sparse output. This bug could let attackers crash the system or potentially read sensitive data from memory.

TensorFlow, an open source machine learning platform, has a vulnerability in the `SparseFillEmptyRows` function that can cause a heap OOB access (out-of-bounds read, where a program tries to read memory it shouldn't access) when the size of `indices` does not match the size of `values`. This is a memory safety bug that could potentially crash the program or expose sensitive data.

TensorFlow, an open source machine learning platform, has a vulnerability in its `FusedBatchNorm` kernels that allows heap OOB access (out-of-bounds memory reading, where a program tries to read data outside the memory space it's allowed to use). This bug affects multiple older versions of TensorFlow that are still supported.

TensorFlow, an open source platform for machine learning, has a vulnerability in its sparse matrix multiplication code where it can crash or behave unpredictably (undefined behavior) if matrix dimensions are 0 or less, because the code tries to write to an empty memory location (nullptr, a reference to nothing). When dimensions are invalid, the code should create an empty output but not write to it, otherwise it causes a heap OOB access (writing data outside the boundaries of allocated memory).

TensorFlow, an open source machine learning platform, has a vulnerability where the code that builds a control flow graph (the structure representing how data moves through a model) crashes when it assumes paired nodes exist but they don't. When the first node in a pair is missing, the code tries to use a null pointer (a reference to nothing), causing the program to crash.

TensorFlow, an open source machine learning platform, has a vulnerability where the shape inference code for `DeserializeSparse` (a function that converts serialized data back into sparse tensors, which are data structures that efficiently store mostly-empty matrices) can crash due to a null pointer dereference (trying to access memory that hasn't been allocated). This happens because the code incorrectly assumes the input tensor has a specific structure.

TensorFlow, an open source machine learning platform, has a bug in its shape inference code for the `tf.ragged.cross` function where it tries to use a null pointer (a reference to nothing), causing undefined behavior. The vulnerability is caused by accessing an uninitialized pointer (a memory location that hasn't been set up yet).