aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by

Truong (Jack) Luu

Information Systems Researcher

AI & LLM Vulnerabilities

Security vulnerabilities, privacy incidents, safety concerns, and policy updates affecting LLMs and AI agents.

1479 items

CVE-2022-29194: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem

Severity: medium | vulnerability | security | May 20, 2022 | CVE-2022-29194

TensorFlow, an open source machine learning platform, had a vulnerability in its `tf.raw_ops.DeleteSessionTensor` function (a specific operation within TensorFlow) that failed to properly check its input arguments before using them. This flaw could be exploited to cause a denial of service (making a system crash or become unavailable by sending specially crafted requests).

Fix: Update TensorFlow to version 2.9.0, 2.8.1, 2.7.2, or 2.6.4, which contain patches for this issue.

Source: NVD/CVE Database

CVE-2022-29192: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem

Severity: medium | vulnerability | security | May 20, 2022 | CVE-2022-29192

TensorFlow, an open source machine learning platform, had a vulnerability in the `tf.raw_ops.QuantizeAndDequantizeV4Grad` function where it did not fully validate input arguments before processing them. This bug could crash the process (a denial of service, where an attacker makes a service unavailable) in versions before 2.9.0, 2.8.1, 2.7.2, and 2.6.4.

Fix: Update TensorFlow to one of the patched versions: 2.9.0, 2.8.1, 2.7.2, or 2.6.4. A patch is available at https://github.com/tensorflow/tensorflow/commit/098e7762d909bac47ce1dbabe6dfd06294cb9d58.

Source: NVD/CVE Database

CVE-2022-29191: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem

Severity: medium | vulnerability | security | May 20, 2022 | CVE-2022-29191

TensorFlow, an open source machine learning platform, had a vulnerability in its `tf.raw_ops.GetSessionTensor` function (an operation for retrieving tensor data from a session) where it did not properly validate input arguments, allowing attackers to crash the process (a denial of service, making software unavailable by breaking it). The vulnerability was fixed in TensorFlow versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4.

Fix: Update TensorFlow to one of the patched versions: 2.9.0, 2.8.1, 2.7.2, or 2.6.4.

Source: NVD/CVE Database

CVE-2022-21426: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supp

Severity: medium | vulnerability | security | Apr 19, 2022 | CVE-2022-21426

A vulnerability in Oracle Java SE and Oracle GraalVM Enterprise Edition (a high-performance Java runtime) in the JAXP component (Java API for XML Processing, which handles XML data) allows an unauthenticated attacker with network access to cause a partial denial of service. The vulnerability affects specific versions of Java and can be reached through untrusted code in web applications or through web services that supply data to the vulnerable APIs; it carries a CVSS severity rating of 5.3 out of 10.

Source: NVD/CVE Database

CVE-2022-24770: `gradio` is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11

Severity: high | vulnerability | security | Mar 17, 2022 | CVE-2022-24770

Gradio, a framework for building interactive machine learning demos, has a vulnerability in versions before 2.8.11 where its flagging feature (which saves data to CSV files) can be tricked into storing spreadsheet formulas in the file (CSV injection). If someone opens this CSV file in Excel or a similar program, those formulas run automatically on their computer.

Fix: Update gradio to version 2.8.11 or later, which escapes saved CSV data with single quotes to prevent formula execution. As a workaround, avoid opening CSV files generated by gradio with Excel or similar spreadsheet programs.

Source: NVD/CVE Database

CVE-2022-0845: Code Injection in GitHub repository pytorchlightning/pytorch-lightning prior to 1.6.0.

Severity: critical | vulnerability | security | Mar 5, 2022 | CVE-2022-0845

CVE-2022-0845 is a code injection vulnerability (a flaw where an attacker can insert and execute malicious code) in PyTorch Lightning, a machine learning framework, affecting versions before 1.6.0. The vulnerability stems from improper control over code generation, allowing attackers to run arbitrary code through the affected software.

Fix: Update PyTorch Lightning to version 1.6.0 or later. A patch is available at https://github.com/pytorchlightning/pytorch-lightning/commit/8b7a12c52e52a06408e9231647839ddb4665e8ae.

Source: NVD/CVE Database

CVE-2022-0736: Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1.

Severity: high | vulnerability | security | Feb 23, 2022 | CVE-2022-0736

MLflow, a machine learning platform, had an insecure temporary file vulnerability (CWE-377, a weakness where temporary files are created without proper security protections) in versions before 1.23.1. This vulnerability could potentially allow attackers to access or modify sensitive data stored in temporary files.

Fix: Update MLflow to version 1.23.1 or later. A patch is available at https://github.com/mlflow/mlflow/commit/61984e6843d2e59235d82a580c529920cd8f3711.

Source: NVD/CVE Database

CVE-2022-23595: Tensorflow is an Open Source Machine Learning Framework. When building an XLA compilation cache, if default settings are

Severity: medium | vulnerability | security | Feb 4, 2022 | CVE-2022-23595

TensorFlow (an open source machine learning framework) has a vulnerability where building an XLA compilation cache (a storage system that speeds up machine learning model compilation) with default settings causes a null pointer dereference (a crash that happens when code tries to use a memory location that doesn't exist). This occurs because the default configuration allows all devices, leaving a critical variable empty.

Fix: The fix will be included in TensorFlow 2.8.0. Patches will also be released in TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3.

Source: NVD/CVE Database

CVE-2022-23594: Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow (MLIR) makes several assumptions

Severity: high | vulnerability | security | Feb 4, 2022 | CVE-2022-23594

TensorFlow (an open-source machine learning framework) has a vulnerability in its TFG dialect, which is part of MLIR (a compiler framework for optimizing code). An attacker can modify the SavedModel format (the way trained models are saved to disk) to break assumptions the system makes, which can crash the Python interpreter or cause heap OOB access (out-of-bounds memory access, where code reads or writes memory it shouldn't).

Source: NVD/CVE Database

CVE-2022-23593: Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructur

Severity: medium | vulnerability | security | Feb 4, 2022 | CVE-2022-23593

TensorFlow, an open-source machine learning framework, has a vulnerability in its `simplifyBroadcast` function (a part of the MLIR-TFRT infrastructure, which is the compiler and runtime system) that causes a segfault (a crash from accessing invalid memory) when given scalar shapes (data without dimensions), resulting in a denial of service (making the system unavailable). This affects only TensorFlow version 2.7.0.

Fix: The fix will be included in TensorFlow 2.8.0.

Source: NVD/CVE Database

CVE-2022-23592: Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read

Severity: high | vulnerability | security | Feb 4, 2022 | CVE-2022-23592

TensorFlow (an open-source machine learning framework) has a vulnerability where type inference can read data outside the bounds of allocated memory (a heap out-of-bounds read). The bounds check is a DCHECK, which is compiled out of production builds, so an attacker can manipulate a variable so that it indexes memory beyond what is available.

Fix: The fix will be included in TensorFlow 2.8.0.

Source: NVD/CVE Database

CVE-2022-23591: Tensorflow is an Open Source Machine Learning Framework. The `GraphDef` format in TensorFlow does not allow self recursi

Severity: high | vulnerability | security | Feb 4, 2022 | CVE-2022-23591

TensorFlow (an open-source machine learning framework) has a vulnerability where the GraphDef format (TensorFlow's way of representing computation graphs) can accept self-recursive functions even though it shouldn't, causing a stack overflow (exhaustion of the call stack through unbounded recursion) when the model runs, because the system keeps trying to resolve the same function repeatedly.

Fix: The fix will be included in TensorFlow 2.8.0. The fix will also be backported to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3.

Source: NVD/CVE Database

CVE-2022-23590: Tensorflow is an Open Source Machine Learning Framework. A `GraphDef` from a TensorFlow `SavedModel` can be maliciously

Severity: medium | vulnerability | security | Feb 4, 2022 | CVE-2022-23590

TensorFlow (an open source machine learning framework) has a vulnerability where a maliciously altered GraphDef (a representation of a machine learning model's computation graph) from a SavedModel can crash a TensorFlow process by forcing extraction of a value from a StatusOr (a data structure that holds either a valid result or an error state) when it holds an error. The issue affects both TensorFlow 2.7 and 2.8 versions.

Fix: The issue has been patched in TensorFlow 2.8.0 and TensorFlow 2.7.1. Users should upgrade to these versions or later.

Source: NVD/CVE Database

CVE-2022-23589: Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can t

Severity: medium | vulnerability | security | Feb 4, 2022 | CVE-2022-23589

TensorFlow, a machine learning framework, has a vulnerability (CVE-2022-23589) in its Grappler component (a graph optimization tool) that can cause a null pointer dereference (a crash from accessing invalid memory) when processing maliciously altered SavedModel files (serialized machine learning models). The bug occurs in two places during optimization and is triggered by required nodes missing from the computation graph.

Fix: The fix will be included in TensorFlow 2.8.0. The patch will also be backported to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3.

Source: NVD/CVE Database

CVE-2022-23588: Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `S

Severity: medium | vulnerability | security | Feb 4, 2022 | CVE-2022-23588

A malicious user can crash TensorFlow (an open source machine learning framework) by modifying a SavedModel (a pre-trained model file) in a way that tricks the Grappler optimizer (a tool that improves model performance) into building a tensor with an invalid reference dtype (data type), causing the program to fail.

Fix: The fix will be included in TensorFlow 2.8.0. The fix will also be applied to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3.

Source: NVD/CVE Database

CVE-2022-23587: Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vu

Severity: high | vulnerability | security | Feb 4, 2022 | CVE-2022-23587

TensorFlow, an open-source machine learning framework, has a vulnerability in its Grappler component (a tool that optimizes computational graphs) that causes an integer overflow (when a number becomes too large to store) during cost estimation for crop and resize operations. Since attackers can control the cropping parameters, they can trigger undefined behavior (unpredictable actions that may crash the system or cause other problems).

Fix: The fix will be included in TensorFlow 2.8.0. This commit will also be applied to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these versions are still supported.

Source: NVD/CVE Database

CVE-2022-23586: Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `S

Severity: medium | vulnerability | security | Feb 4, 2022 | CVE-2022-23586

A vulnerability in TensorFlow (an open-source machine learning framework) allows an attacker to cause a denial of service by modifying a SavedModel (a packaged version of a trained model) in a way that triggers assertion failures in the code and crashes the Python interpreter. This vulnerability affects multiple versions of TensorFlow.

Fix: Update to TensorFlow 2.8.0, or apply the fix through updates to TensorFlow 2.7.1, TensorFlow 2.6.3, or TensorFlow 2.5.3. Patches are available in the following commits: 3d89911481ba6ebe8c88c1c0b595412121e6c645 and dcc21c7bc972b10b6fb95c2fb0f4ab5a59680ec2.

Source: NVD/CVE Database

CVE-2022-23585: Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak i

Severity: medium | vulnerability | security | Feb 4, 2022 | CVE-2022-23585

TensorFlow, an open-source machine learning framework, has a memory leak (allocated memory that is never freed) when decoding invalid PNG image files. The problem occurs because error-handling code returns from the function early without freeing the buffers (chunks of memory) it had already allocated.

Fix: The fix will be included in TensorFlow 2.8.0. The fix will also be applied to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3.

Source: NVD/CVE Database

CVE-2022-23584: Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decod

Severity: high | vulnerability | security | Feb 4, 2022 | CVE-2022-23584

TensorFlow (an open-source machine learning framework) has a vulnerability where a malicious user can trigger a use-after-free bug (accessing memory that has already been freed) when decoding PNG images. The problem occurs because, after the memory cleanup function is called, the width and height values are left in an unpredictable state.

Fix: Update to TensorFlow 2.8.0 or apply patches to the following supported versions: TensorFlow 2.7.1, TensorFlow 2.6.3, or TensorFlow 2.5.3. These versions contain the fix for this vulnerability.

Source: NVD/CVE Database

CVE-2022-23583: Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `S

Severity: medium | vulnerability | security | Feb 4, 2022 | CVE-2022-23583

A vulnerability in TensorFlow (an open-source machine learning framework) allows a malicious user to cause a denial of service (making a service unavailable) by modifying a SavedModel (a format for storing trained models) so that binary operations receive corrupted data due to type confusion (using data as if it were a different type than it actually is). This mismatch between the expected and actual data types can cause the program to crash.

Fix: The fix will be included in TensorFlow 2.8.0. The fix will also be backported (adapted for older versions) to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3.

Source: NVD/CVE Database

Page 58 of 74