All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
TensorFlow (an open source machine learning platform) has a vulnerability where a specific function called `FakeQuantWithMinMaxVarsPerChannel` crashes when given certain types of input data, allowing attackers to cause a denial of service attack (making the system stop working). The developers have fixed the bug in their code.
Fix: The fix is included in TensorFlow 2.10.0, and will also be patched in earlier versions 2.9.1, 2.8.1, and 2.7.2. Users should update to one of these versions or later.
NVD/CVE Database
TensorFlow, an open source platform for machine learning, has a vulnerability where a function called `RaggedTensorToVariant` can crash if it receives incorrectly formatted input (tensors with ranks other than one). An attacker could use this crash to launch a denial of service attack (making the system unavailable).
A vulnerability in TensorFlow (an open source platform for machine learning) allows attackers to crash the system by sending specially formatted inputs to a specific function called `tf.quantization.fake_quant_with_min_max_vars_per_channel_gradient`, causing a denial of service attack (where a system becomes unavailable). The issue occurs when the function receives input parameters with the wrong structure (rank other than 1).
TensorFlow (an open source platform for machine learning) has a vulnerability in its MaxPool function, which crashes when given a window size array with dimensions larger than the input data, allowing attackers to cause a denial of service attack (making the system unavailable). The issue has been patched and will be fixed in upcoming versions.
TensorFlow (an open source platform for machine learning) has a vulnerability in its `tf.linalg.matrix_rank` function, which crashes when given an empty input. An attacker could exploit this crash to cause a denial of service attack (making the system unavailable by overwhelming it with requests or triggering failures).
TensorFlow, an open source platform for machine learning, has a vulnerability in its `DenseBincount` function where it doesn't properly check if the `weights` input tensor (a data structure holding numbers) has the correct shape, allowing attackers to crash the program through a denial of service attack (making a system unavailable by overwhelming it).
TensorFlow (an open source machine learning platform) has a bug where the `RaggedBincount` function crashes when given an empty input tensor called `splits`, which can be exploited to launch a denial of service attack (making a service unavailable by overwhelming it). The vulnerability affects multiple versions of the software.
TensorFlow (an open source platform for machine learning) has a vulnerability in its `LRNGrad` function where passing an incorrectly formatted input tensor (one that is not 4-dimensional) causes the program to crash, allowing attackers to trigger a denial of service attack (making the system unavailable).
TensorFlow (an open source machine learning platform) has a bug in the `ParameterizedTruncatedNormal` function where it only accepts one data type (`int32`) for the `shape` parameter, but crashes when given the correct type (`int64`), which could allow an attacker to cause a denial of service (making the software unavailable).
TensorFlow (an open source machine learning platform) has a vulnerability where running certain save operations on data types (formats for storing numbers) that aren't supported causes the program to crash, which could be used for a denial of service attack (making a service unavailable by overwhelming it). The vulnerability affects multiple versions of TensorFlow.
TensorFlow, an open source machine learning platform, has a vulnerability in the `SparseBincount` function where invalid sparse tensor (a compressed way of storing data with mostly empty values) inputs can crash the program, potentially allowing attackers to cause a denial of service attack (making the system unavailable). The issue has been patched and will be fixed in upcoming versions of TensorFlow.
TensorFlow, an open source machine learning platform, has a vulnerability in its `FractionalMaxPoolGrad` function (a component that processes pooling operations) where it uses CHECK failures instead of returning errors to validate inputs. If someone sends incorrectly sized inputs to this function, they can trigger a denial of service attack (making the system crash or become unresponsive).
TensorFlow (an open-source machine learning platform) has a vulnerability where two functions called `QuantizedRelu` and `QuantizedRelu6` crash when given certain types of incorrect inputs for their `min_features` or `max_features` parameters, which attackers could exploit to cause a denial of service attack (making the system unavailable).
TensorFlow (an open source machine learning platform) has a bug where a function called `QuantizeDownAndShrinkRange` crashes if it receives nonscalar inputs (arrays or objects with multiple values instead of single values) for certain parameters, allowing attackers to cause a denial of service attack (making the system unavailable).
TensorFlow, an open source machine learning platform, has a vulnerability in its `QuantizedMatMul` function that crashes when given certain types of improper input (nonscalar values for min/max parameters), allowing attackers to trigger a denial of service attack (making the system unavailable). The issue has been fixed and will be released in updated versions of TensorFlow.
TensorFlow, an open source machine learning platform, has a vulnerability in its `QuantizedBiasAdd` function that crashes when given certain tensor inputs of nonzero rank (multi-dimensional arrays), allowing attackers to launch a denial of service attack (making the system unavailable). The developers have identified and patched the issue.
TensorFlow, an open source machine learning platform, has a vulnerability in the `FakeQuantWithMinMaxVars` function where providing certain types of input tensors (multidimensional arrays of numbers) causes the program to crash, enabling a denial of service attack (making a system unavailable to users). The vulnerability has been identified and fixed in the codebase.
TensorFlow (an open source platform for machine learning) has a bug in the `QuantizedInstanceNorm` function where passing certain tensor inputs (`x_min` or `x_max` with nonzero rank, which are multi-dimensional arrays of numerical data) causes a segfault (a crash from accessing invalid memory), allowing attackers to trigger a denial of service attack (making the system unavailable). The vulnerability was fixed and will be released in TensorFlow 2.10.0, with backported patches for earlier versions.
TensorFlow (an open-source machine learning platform) has a bug in the `Conv2DBackpropInput` function where it crashes if the `input_sizes` parameter is not 4-dimensional, allowing attackers to cause a denial of service (making the system unavailable). The issue has been fixed and will be released in upcoming versions.
TensorFlow, an open source machine learning platform, has a bug in the `AvgPoolGrad` function where it doesn't properly check the input parameter `orig_input_shape`. This incomplete validation causes a CHECK failure (a crash that stops the program), which attackers can exploit to perform a denial of service attack (making the system unavailable to legitimate users).
Fix: The issue has been patched in GitHub commit 88f93dfe691563baa4ae1e80ccde2d5c7a143821. The fix is included in TensorFlow 2.10.0 and will also be backported to (applied to earlier versions of) TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
Fix: The vulnerability was patched in GitHub commit f3cf67ac5705f4f04721d15e485e192bb319feed. The fix is included in TensorFlow 2.10.0 and will also be backported (applied to older versions still receiving updates) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. There are no known workarounds for this issue.
Fix: The fix is included in TensorFlow 2.10.0 and will be cherrypicked into TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Users should update to one of these patched versions. No workarounds are available.
Fix: The issue has been patched in GitHub commit c55b476aa0e0bd4ee99d0f3ad18d9d706cd1260a. The fix will be included in TensorFlow 2.10.0 and will be backported to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
Fix: The issue has been patched in GitHub commit bf4c14353c2328636a18bfad1e151052c81d5f43 and will be included in TensorFlow 2.10.0. The fix will also be included in earlier versions: TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
Fix: Update to TensorFlow 2.10.0, or apply the patch from GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. If you cannot update to 2.10.0 yet, cherrypicked fixes are also available in TensorFlow 2.9.1, 2.8.1, and 2.7.2. There are no known workarounds for this issue.
Fix: The issue was patched in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The fix is included in TensorFlow 2.10.0 and will be backported (applied to older supported versions) in TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
Fix: The issue was patched in GitHub commit 72180be03447a10810edca700cbc9af690dfeb51. The fix will be included in TensorFlow 2.10.0 and will also be backported (added to older versions still receiving updates) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. There are no known workarounds for this issue.
Fix: The fix is included in TensorFlow 2.10.0 and will be backported (added to older versions) in TensorFlow 2.9.1, 2.8.1, and 2.7.2. Users should update to one of these patched versions.
Fix: The fix is included in TensorFlow 2.10.0 and has been cherrypicked (backported) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Users should update to one of these patched versions.
Fix: Update TensorFlow to version 2.10.0 or apply the patch from GitHub commit 8741e57d163a079db05a7107a7609af70931def4. The fix is also being included in TensorFlow 2.9.1, 2.8.1, and 2.7.2.
Fix: The issue has been patched in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89. The fix is included in TensorFlow 2.10.0 and will be backported (applied to older versions still being supported) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. No workarounds are available, so users must update to a patched version.
Fix: The issue has been patched in GitHub commit 73ad1815ebcfeb7c051f9c2f7ab5024380ca8613. The fix will be included in TensorFlow 2.10.0, and will also be backported to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
Fix: The fix is available in GitHub commit aca766ac7693bf29ed0df55ad6bfcc78f35e7f48 and will be included in TensorFlow 2.10.0. Users of TensorFlow 2.9.1, 2.8.1, and 2.7.2 should update to the patched versions of those releases (2.9.1, 2.8.1, and 2.7.2 respectively), as the fix will be cherry-picked into these supported versions.
Fix: The fix is included in TensorFlow 2.10.0 and will also be backported to TensorFlow 2.9.1, 2.8.1, and 2.7.2. Users should update to one of these patched versions.
Fix: The fix is included in TensorFlow 2.10.0. Users of earlier versions should update to TensorFlow 2.9.1, TensorFlow 2.8.1, or TensorFlow 2.7.2, which will receive the patch through a cherry-pick (backporting the fix to older versions). No workarounds are available.
Fix: Update to TensorFlow 2.10.0 or apply the cherrypick commits to TensorFlow 2.9.1, 2.8.1, or 2.7.2. The fix is available in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0. No workarounds exist for this issue.
Fix: The fix is included in TensorFlow 2.10.0. For users on older versions, the patch will be available in TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Update to one of these versions or later.
Fix: The issue has been patched in GitHub commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f. The fix will be included in TensorFlow 2.10.0, and will be backported (added to older versions still being supported) in TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.