AI Sec Watch

TensorFlow's `OneHot` operator (a component that converts index values into one-hot encoded vectors) in TFLite, the lightweight version for mobile devices, has a division by zero vulnerability. An attacker could create a malicious model that causes the operator to divide by zero, potentially crashing the system or causing unexpected behavior.

TensorFlow, an open source platform for machine learning, has a vulnerability in its `Split` operator for TFLite (TensorFlow Lite, a lightweight version for mobile devices) that causes a division by zero error (a crash that happens when code tries to divide a number by zero). An attacker can create a malicious model that sets `num_splits` to 0, triggering this crash.

TensorFlow, an open-source machine learning platform, has a vulnerability in its SVDF TFLite operator (a component that performs specific neural network calculations on mobile devices) where an attacker can craft a malicious model that causes a division by zero error (attempting to divide a number by zero, which crashes the program). This happens when a parameter called `params->rank` is set to 0.

TensorFlow, an open-source machine learning platform, has a vulnerability in its `SpaceToBatchNd` operator (a function that rearranges data in neural network models) that can be triggered by a division by zero error (when code tries to divide a number by zero, crashing the system). An attacker can create a malicious model that causes this crash by setting one dimension of the block input to 0.

TensorFlow, an open source machine learning platform, has a vulnerability in its `EmbeddingLookup` operator that can cause a division by zero error (a crash caused by trying to divide by zero). An attacker could craft a malicious model with a specific input dimension set to 0 to trigger this crash.

TensorFlow, an open source machine learning platform, has a vulnerability in its `DepthToSpace` TFLite operator (a component that processes neural network data in a specific format called TensorFlow Lite). An attacker can create a malicious model that causes a division by zero error (when code tries to divide a number by zero, crashing the system), potentially allowing them to disrupt or crash applications using this operator.

TensorFlow's TFLite (a lightweight version of the machine learning platform) has a bug in its convolution code (math operations that process image data) where user-controlled values can be used as divisors without checking if they're zero, which could cause crashes or unexpected behavior. This happens because division by zero is not prevented in the code.

TensorFlow, a platform for building machine learning models, has a vulnerability in its `BatchToSpaceNd` operator (a function that reshapes data), which can crash when an attacker provides specially crafted input that causes a division by zero error (attempting to divide by zero, which is mathematically impossible). An attacker could exploit this to cause the software to malfunction.

A previous security fix for TensorFlow (a machine learning platform) didn't work properly when the Reshape operator (which changes a tensor's shape, or dimensions) received its target shape from a 1-D tensor (a single row of data). This incomplete fix accidentally allowed a problematic null-buffer-backed tensor (a data structure with no actual memory backing) to be used, creating a security weakness.