aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Maintained by

Truong (Jack) Luu

Information Systems Researcher

AI & LLM Vulnerabilities

Security vulnerabilities, privacy incidents, safety concerns, and policy updates affecting LLMs and AI agents.

1491 items

CVE-2021-37687: TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's [`GatherNd` impleme

medium vulnerability
security
Aug 12, 2021
CVE-2021-37687

TensorFlow Lite (TFLite, a lightweight version of TensorFlow for mobile and embedded devices) has a vulnerability in its `GatherNd` and `Gather` operations that fail to check for negative indices. An attacker can exploit this by creating a specially designed model with negative values to read sensitive data from the heap (temporary memory storage), potentially exposing private information.

Fix: The issue was patched in GitHub commits bb6a0383ed553c286f87ca88c207f6774d5c4a8f and eb921122119a6b6e470ee98b89e65d721663179d. The fix is included in TensorFlow 2.6.0 and will be backported to TensorFlow 2.5.1, 2.4.3, and 2.3.4.

NVD/CVE Database

CVE-2021-37685: TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's [`expand_dims.cc`](

medium vulnerability
security
Aug 12, 2021
CVE-2021-37685

TensorFlow, an open source machine learning platform, has a vulnerability in TFLite (TensorFlow Lite, a lightweight version for mobile devices) where a negative `axis` parameter value can cause the software to read data outside the intended memory area. This could potentially expose sensitive information or crash the program.

CVE-2021-37684: TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementations of pooli

medium vulnerability
security
Aug 12, 2021
CVE-2021-37684

TensorFlow (an open source platform for machine learning) has a vulnerability in its pooling operations where the code doesn't check if divisors are zero before dividing, which can cause crashes. The issue has been patched and will be included in upcoming versions of TensorFlow.

CVE-2021-37683: TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of divisi

medium vulnerability
security
Aug 12, 2021
CVE-2021-37683

TensorFlow, a popular machine learning platform, has a vulnerability in its division operation in TFLite (a lightweight version for mobile devices) where it doesn't check if the divisor (the number you're dividing by) is zero, which can cause crashes. The issue has been fixed and will be available in several updated versions of the software.

CVE-2021-37682: TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that u

medium vulnerability
security
Aug 12, 2021
CVE-2021-37682

TensorFlow, an open-source machine learning platform, has a vulnerability in TFLite (TensorFlow Lite, a lightweight version for mobile devices) where operations using quantization (a technique that reduces model size by using lower-precision numbers) can accidentally use uninitialized values because the code doesn't properly check whether quantization settings are valid before using them. This could cause unpredictable behavior in machine learning models running on mobile or embedded devices.

CVE-2021-37679: TensorFlow is an end-to-end open source platform for machine learning. In affected versions it is possible to nest a `tf

high vulnerability
security
Aug 12, 2021
CVE-2021-37679

TensorFlow has a vulnerability where nesting `tf.map_fn` (a function that applies operations to tensor elements) calls with RaggedTensor inputs (tensors with variable row lengths) and no function signature can leak uninitialized memory from the heap and potentially cause data loss. The bug occurs because the code doesn't verify that inner tensor shapes match when converting from a Variant tensor to a RaggedTensor.

CVE-2021-37678: TensorFlow is an end-to-end open source platform for machine learning. In affected versions TensorFlow and Keras can be

critical vulnerability
security
Aug 12, 2021
CVE-2021-37678

TensorFlow and Keras had a security flaw where loading machine learning models from YAML files (a text format for storing data) could let attackers run arbitrary code (any commands they want) on a system. The problem was caused by using an unsafe YAML parser that doesn't validate what code it runs.

CVE-2021-37677: TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for

medium vulnerability
security
Aug 12, 2021
CVE-2021-37677

TensorFlow, an open-source machine learning platform, has a vulnerability in its shape inference code for the `tf.raw_ops.Dequantize` function that could crash a system (denial of service via segfault, which is when a program crashes due to accessing invalid memory) if an attacker provides invalid arguments. The bug exists because the code doesn't properly validate the `axis` parameter before using it to access tensor dimensions (the size measurements of data structures in machine learning).

CVE-2021-37674: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a de

medium vulnerability
security
Aug 12, 2021
CVE-2021-37674

TensorFlow, an open-source machine learning platform, has a vulnerability where attackers can cause a denial of service (making a system unavailable by crashing it) through a segmentation fault (a memory error that crashes a program) in the MaxPoolGrad operation due to missing input validation on certain data structures called tensors. The vulnerability exists because an earlier fix for a related issue was incomplete.

CVE-2021-37673: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a de

medium vulnerability
security
Aug 12, 2021
CVE-2021-37673

TensorFlow, an open-source machine learning platform, has a vulnerability where attackers can crash the system (denial of service, a type of attack that makes a service unavailable) through a function called `tf.raw_ops.MapStage` because it doesn't validate that the `key` input is a proper non-empty tensor (a multi-dimensional array of numbers). This bug affects multiple versions of TensorFlow.

CVE-2021-37672: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from ou

medium vulnerability
security
Aug 12, 2021
CVE-2021-37672

TensorFlow, an open source machine learning platform, has a vulnerability where an attacker can read data outside the intended memory bounds (a heap overflow, which is when a program accesses memory it shouldn't) by sending specially crafted invalid arguments to a function called tf.raw_ops.SdcaOptimizerV2. The vulnerability exists because the code doesn't verify that the length of input labels matches the number of examples being processed.

CVE-2021-37670: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from ou

medium vulnerability
security
Aug 12, 2021
CVE-2021-37670

TensorFlow, an open source machine learning platform, has a vulnerability where attackers can read data outside the intended memory bounds by sending specially crafted arguments to certain functions like `tf.raw_ops.UpperBound` and `tf.raw_ops.LowerBound`. The vulnerability exists because the code doesn't properly validate the rank (the number of dimensions) of the input data it receives. This could allow attackers to access sensitive information stored in memory.

CVE-2021-37669: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial

medium vulnerability
security
Aug 12, 2021
CVE-2021-37669

TensorFlow, an open-source machine learning platform, has a vulnerability in its `tf.raw_ops.NonMaxSuppressionV5` function that allows attackers to crash applications by supplying a negative number, which causes a division by zero error due to improper type conversion (converting a signed integer to an unsigned integer).

CVE-2021-37668: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial

medium vulnerability
security
Aug 12, 2021
CVE-2021-37668

TensorFlow, an open source platform for machine learning, has a vulnerability (CVE-2021-37668) where attackers can crash applications by exploiting the `tf.raw_ops.UnravelIndex` function through division by zero (a math error where a program tries to divide by 0). The bug occurs because the code doesn't check if the `dims` tensor (a multi-dimensional array) is empty before performing calculations.

CVE-2021-37665: TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation

high vulnerability
security
Aug 12, 2021
CVE-2021-37665

TensorFlow, an open source machine learning platform, has a vulnerability in its MKL implementation where incomplete validation of input tensor dimensions allows attackers to trigger undefined behavior (accessing invalid memory locations or reading data outside allocated memory bounds). Two operations, requantization and MklRequantizePerChannelOp, are affected by this flaw.

CVE-2021-37663: TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation

high vulnerability
security
Aug 12, 2021
CVE-2021-37663

TensorFlow, a machine learning platform, has a vulnerability in its `tf.raw_ops.QuantizeV2` function where incomplete validation (checking that inputs meet requirements) allows attackers to cause crashes or read data from invalid memory locations. The vulnerability occurs because the code doesn't properly verify that input parameters have matching sizes and are within valid ranges.

CVE-2021-37689: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLi

high vulnerability
security
Aug 12, 2021
CVE-2021-37689

TensorFlow, an open-source machine learning platform, has a vulnerability where an attacker can create a malicious model file that crashes the system by triggering a null pointer dereference (accessing memory at an invalid location without checking if it's safe). The problem occurs in the MLIR optimization (a compiler technique that improves code performance) of the L2NormalizeReduceAxis operator, which tries to access data in a vector without first verifying the vector contains any elements.

CVE-2021-37688: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLi

high vulnerability
security
Aug 12, 2021
CVE-2021-37688

TensorFlow, an open source machine learning platform, has a vulnerability where an attacker can create a specially crafted TFLite model (a lightweight version of TensorFlow for mobile devices) that causes a null pointer dereference (attempting to access memory that doesn't exist), crashing the system and preventing it from working. The flaw occurs because the code tries to access a pointer without checking if it's valid first.

CVE-2021-37686: TensorFlow is an end-to-end open source platform for machine learning. In affected versions the strided slice implementa

medium vulnerability
security
Aug 12, 2021
CVE-2021-37686

TensorFlow 2.6.0 has a bug in its strided slice implementation (a feature that extracts portions of arrays), which attackers can exploit to create models that cause infinite loops (the program gets stuck repeating the same instructions endlessly). The bug appears in TFLite (TensorFlow Lite, a lightweight version for mobile devices) when handling ellipsis (a shorthand notation using '...' in array indexing).

CVE-2021-37681: TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of SVDF i

high vulnerability
security
Aug 12, 2021
CVE-2021-37681

TensorFlow (an open source machine learning platform) has a vulnerability in its SVDF implementation (a neural network component) in TFLite (a lightweight version for mobile devices) where a null pointer error (attempting to use data that doesn't exist in memory) can occur. The bug happens because the `GetVariableInput` function can return a null pointer, but the code doesn't check for this before trying to use it as valid data.

Fix (CVE-2021-37685): The issue was patched in GitHub commit d94ffe08a65400f898241c0374e9edc6fa8ed257. The fix is included in TensorFlow 2.6.0 and was also applied to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37684): Update to TensorFlow 2.6.0, or apply the patch from GitHub commit dfa22b348b70bb89d6d6ec0ff53973bacb4f4695. If you cannot upgrade to 2.6.0, use patched versions 2.5.1, 2.4.3, or 2.3.4 (these versions will receive the fix via cherrypick).

NVD/CVE Database

Fix (CVE-2021-37683): The fix is included in TensorFlow 2.6.0. It will also be backported (applied to older versions still receiving support) in TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4. Users should update to one of these patched versions.

NVD/CVE Database

Fix (CVE-2021-37682): The issue has been patched in GitHub commits 537bc7c723439b9194a358f64d871dd326c18887, 4a91f2069f7145aab6ba2d8cfe41be8a110c18a5, and 8933b8a21280696ab119b63263babdb54c298538. The fix is included in TensorFlow 2.6.0 and has been backported to TensorFlow 2.5.1, 2.4.3, and 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37679): The issue was patched in GitHub commit 4e2565483d0ffcadc719bd44893fb7f609bb5f12. The fix is included in TensorFlow 2.6.0 and was also backported (applied to earlier versions) in TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37678): The TensorFlow team removed YAML format support entirely and patched the issue in GitHub commit 23d6383eb6c14084a8fc3bdf164043b974818012. The fix is included in TensorFlow 2.6.0, and will also be backported (applied to older versions) in TensorFlow 2.5.1, 2.4.3, and 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37677): The issue has been patched in GitHub commit da857cfa0fde8f79ad0afdbc94e88b5d4bbec764. The fix is included in TensorFlow 2.6.0 and will be backported to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37674): The issue has been patched in GitHub commit 136b51f10903e044308cf77117c0ed9871350475. The fix will be included in TensorFlow 2.6.0 and will be backported to TensorFlow 2.5.1, 2.4.3, and 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37673): The issue has been patched in GitHub commit d7de67733925de196ec8863a33445b73f9562d1d. The fix will be included in TensorFlow 2.6.0, and will also be backported to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37672): The issue has been patched in GitHub commit a4e138660270e7599793fa438cd7b2fc2ce215a6. The fix will be included in TensorFlow 2.6.0, and will also be backported (applied to older supported versions) to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37670): The issue was patched in GitHub commit 42459e4273c2e47a3232cc16c4f4fff3b3a35c38. The fix will be included in TensorFlow 2.6.0 and will also be backported to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37669): Update to TensorFlow 2.6.0 or apply the patches in GitHub commits 3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d and b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58. Patches are also being cherry-picked (backported) into TensorFlow 2.5.1, 2.4.3, and 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37668): The issue was patched in GitHub commit a776040a5e7ebf76eeb7eb923bf1ae417dd4d233. The fix is included in TensorFlow 2.6.0 and will be backported (adapted for earlier versions) to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37665): The issue was patched in GitHub commits 9e62869465573cb2d9b5053f1fa02a81fce21d69 and 203214568f5bc237603dbab6e1fd389f1572f5c9. The fix is included in TensorFlow 2.6.0 and was backported to versions 2.5.1, 2.4.3, and 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37663): The issue has been patched in GitHub commit 6da6620efad397c85493b8f8667b821403516708. The fix will be included in TensorFlow 2.6.0 and has also been backported (adapted for older versions) to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37689): The issue has been patched in GitHub commit d6b57f461b39fd1aa8c1b870f1b974aac3554955. The fix is included in TensorFlow 2.6.0 and has been backported to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37688): The issue was patched in GitHub commit 15691e456c7dc9bd6be203b09765b063bf4a380c. The fix will be included in TensorFlow 2.6.0 and will also be backported to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database

Fix (CVE-2021-37686): The issue has been patched in GitHub commit dfa22b348b70bb89d6d6ec0ff53973bacb4f4695. Update TensorFlow to a version after 2.6.0.

NVD/CVE Database

Fix (CVE-2021-37681): The issue has been patched in GitHub commit 5b048e87e4e55990dae6b547add4dae59f4e1c76. The fix will be included in TensorFlow 2.6.0, and will also be backported (adapted for older versions) to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.

NVD/CVE Database