AI Sec Watch

TensorFlow (an open-source machine learning framework) has a bug where a cost estimator for convolution operations can be forced to divide by zero because it doesn't check that the stride argument (a parameter controlling step size in operations) is positive. The fix adds validation to ensure the stride is valid before the operation runs.

TensorFlow (an open-source machine learning framework) has a vulnerability in the `AddManySparseToTensorsMap` function where an integer overflow (when a number gets too large for its storage space) causes the program to crash when creating new TensorShape objects. The problem exists because the code doesn't properly validate input tensor shapes before using them.

TensorFlow, an open-source machine learning framework, has a vulnerability in its `Sparse*Cwise*` operations (specialized math functions for sparse tensors, a type of data structure with mostly empty values) that can be exploited through integer overflows (when calculations produce numbers too large for the system to handle). An attacker could cause the system to run out of memory or crash by providing specially crafted input dimensions.

TensorFlow, an open-source machine learning framework, has a bug in the `SparseTensorSliceDataset` component where it can crash by dereferencing a null pointer (accessing memory that doesn't exist) when given certain inputs. The code doesn't properly check that its three input arguments meet required conditions before using them.

A bug in TensorFlow's `StringNGrams` function (a tool that breaks text into small overlapping pieces) allows attackers to crash the system by causing it to run out of memory through an integer overflow (when a number gets too large and wraps around to an incorrect value). The problem stems from missing validation on the `pad_width` parameter, which can result in a negative `ngram_width` value that causes excessive memory allocation.

TensorFlow (an open source machine learning framework) has a vulnerability in its `ThreadPoolHandle` component that allows attackers to cause a denial of service attack (making a service unavailable by overwhelming it) by allocating excessive memory. The problem exists because the code only checks that the `num_threads` argument is not negative, but does not limit how large the value can be.

TensorFlow, an open-source machine learning framework, has a bug in its shape inference (the process of figuring out data dimensions) for the `ConcatV2` operation that can be exploited to crash a program through a segfault (a memory access error). The vulnerability occurs because a type confusion (mixing up different data types) allows a negative value to bypass a safety check, potentially letting attackers cause a denial of service attack (making the system unavailable).

TensorFlow, an open-source machine learning framework, has a vulnerability in its `FractionalAvgPoolGrad` function that fails to validate input data properly, allowing an attacker to read memory from outside the intended bounds of the heap (out-of-bounds read, where a program accesses data it shouldn't). This is a memory safety issue that could let attackers access sensitive information.

TensorFlow, an open source machine learning framework, has a bug in its shape inference for the `ReverseSequence` operation where it doesn't properly check if the `batch_dim` parameter is a negative number, allowing it to read memory outside the intended array bounds (a heap OOB read, or out-of-bounds read that accesses invalid memory). While the code checks that `batch_dim` isn't larger than the input rank, it fails to reject negative values that are too extreme, which can cause the program to access memory before the start of the array.