AI Sec Watch

TensorFlow, a machine learning platform, has a vulnerability in its TFLite component (a lightweight version for mobile devices) where an attacker can create a malicious model that causes an integer overflow (when a calculation produces a number too large to fit in its storage type, wrapping around to become negative). This overflow leads to invalid memory allocation, potentially causing the program to crash or behave unpredictably.

TensorFlow, an open source machine learning platform, has a vulnerability in its TFLite (TensorFlow Lite, a lightweight version for mobile devices) hashtable lookup implementation that can cause a division by zero error (a crash caused by dividing by zero). An attacker could create a malicious model that triggers this crash by setting a dimension to 0.

TensorFlow, a machine learning platform, has a vulnerability where a specially crafted TFLite model (a lightweight version of TensorFlow for mobile devices) can cause an OOB write on heap (writing data beyond allocated memory boundaries) in the ArgMin/ArgMax operations. The bug occurs when the axis_value parameter falls outside valid bounds, causing the code to write past the end of the output array.

TensorFlow, an open-source machine learning platform, has a vulnerability in its `DepthwiseConv` operator (a component that performs a specific type of mathematical operation on data) where an attacker could craft a malicious model that causes a division by zero error (trying to divide a number by zero, which crashes the program). This allows an attacker to potentially crash or disrupt systems using this component.

TensorFlow's TFLite (a lightweight version for mobile and embedded devices) has a bug where it can experience an integer overflow (when a number gets too large to fit in its assigned storage space) in the concatenation operation (combining multiple data arrays into one). An attacker could create a malicious machine learning model that exploits this by making dimension values too large, and this problem can occur when converting regular TensorFlow models to the TFLite format.

TensorFlow's `OneHot` operator (a component that converts index values into one-hot encoded vectors) in TFLite, the lightweight version for mobile devices, has a division by zero vulnerability. An attacker could create a malicious model that causes the operator to divide by zero, potentially crashing the system or causing unexpected behavior.

TensorFlow, an open source platform for machine learning, has a vulnerability in its `Split` operator for TFLite (TensorFlow Lite, a lightweight version for mobile devices) that causes a division by zero error (a crash that happens when code tries to divide a number by zero). An attacker can create a malicious model that sets `num_splits` to 0, triggering this crash.

TensorFlow, an open-source machine learning platform, has a vulnerability in its SVDF TFLite operator (a component that performs specific neural network calculations on mobile devices) where an attacker can craft a malicious model that causes a division by zero error (attempting to divide a number by zero, which crashes the program). This happens when a parameter called `params->rank` is set to 0.

TensorFlow, an open-source machine learning platform, has a vulnerability in its `SpaceToBatchNd` operator (a function that rearranges data in neural network models) that can be triggered by a division by zero error (when code tries to divide a number by zero, crashing the system). An attacker can create a malicious model that causes this crash by setting one dimension of the block input to 0.