Security vulnerabilities, privacy incidents, safety concerns, and policy updates affecting LLMs and AI agents.
TensorFlow, a machine learning platform, has a vulnerability in the `UnbatchGradOp` function (a component that processes gradient calculations) where it doesn't properly validate its inputs. If given a non-scalar `id` (an array where a single value is expected) or an incorrectly sized `batch_index` (a list of indices), the function crashes the program. There are no known workarounds for this issue.
Fix: The issue was patched in GitHub commit 5f945fc6409a3c1e90d6970c9292f805f6e6ddf2. The fix will be included in TensorFlow 2.10.0 and will also be backported to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
Source: NVD/CVE Database
TensorFlow's `AvgPoolOp` function has a bug where it doesn't check if the `ksize` argument (a parameter that controls pooling window size) is positive, allowing negative values to crash the program. The issue has been patched and will be included in upcoming TensorFlow releases.
TensorFlow's `RaggedRangeOp` function has a bug where passing a very large float value to the `limits` argument causes it to overflow when converted to an `int64` (a 64-bit integer type), crashing the entire program with an abort signal. This vulnerability affects multiple versions of TensorFlow and has no known workaround.
TensorFlow's `ScatterNd` function (a tool that places values into specific positions of an output array) has a bug where invalid input indices can write data to the wrong location or crash the program. The vulnerability affects multiple versions of TensorFlow.
A bug in TensorFlow (an open source platform for machine learning) exists in the `GatherNd` function, which retrieves values from arrays using index arrays. When input sizes are greater than or equal to output sizes, the function tries to read memory outside its allowed bounds (out-of-bounds memory read), causing errors or system crashes. The vulnerability affects multiple recent versions of TensorFlow.
TensorFlow's `GatherNd` function (a tool that retrieves values from arrays based on index locations) has a vulnerability where it can read memory it shouldn't access if certain input sizes are too large. This happens because the function doesn't properly check if inputs exceed the expected output sizes, potentially exposing sensitive data or crashing the system.
TensorFlow (an open source platform for machine learning) has a bug in SobolSampleOp that crashes the program when it receives unexpected input types, because the code assumes certain inputs will be scalars (single values rather than arrays). This denial of service vulnerability has been fixed and will be released in upcoming versions.
TensorFlow's tf.reshape operation (a function that changes a tensor's shape without altering its data) has a vulnerability that allows attackers to crash the program by causing an integer overflow (when a number exceeds the maximum value a system can store), triggering a denial of service attack (making the service unavailable). The issue affects multiple versions of TensorFlow and has been patched.
Streamlit, a Python framework for building data applications, has a directory traversal vulnerability (a type of attack where an attacker uses specially crafted file paths to access files they shouldn't be able to reach) in versions before 1.11.1. An attacker could trick the Streamlit server into reading and returning sensitive files from the server's file system, such as logs or other confidential information.
CVE-2020-25459 is a vulnerability in WeBank FATE (Federated AI Technology Enabler, a system for training machine learning models across multiple parties) versions 0.1 through 1.4.2 that allows attackers to read sensitive information during the training process. The issue exists in a function called sync_tree in the hetero_decision_tree_guest.py file, which means attackers could access private data while the model is being trained.
TensorFlow's `saved_model_cli` tool (a utility for working with saved machine learning models) had a code injection vulnerability in versions before 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which could allow an attacker to open a reverse shell (a backdoor connection giving remote control of a system). The vulnerability existed because the tool used `eval` (a function that executes text as code) on user input for compatibility with older test cases, but since the tool requires manual operation, the practical risk was limited.
TensorFlow, an open source platform for machine learning, had a bug in two signal processing functions (`tf.compat.v1.signal.rfft2d` and `tf.compat.v1.signal.rfft3d`) where missing input validation (checking that data meets expected requirements before processing) could cause the software to crash under certain conditions. The bug was fixed in versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4.
TensorFlow, an open source machine learning platform, had a bug in versions before 2.9.0, 2.8.1, 2.7.2, and 2.6.4 where certain converted models would crash when loaded. The problem occurred because the code assumed that quantization (a technique to compress model size by reducing numerical precision) would always use scaling factors smaller than 1, but sometimes the scale was larger, causing the program to stop unexpectedly.
TensorFlow, an open source platform for machine learning, has a vulnerability in the `tf.histogram_fixed_width` function where it crashes if the input data contains NaN (Not a Number, a special floating point value representing undefined results). The crash happens because the code tries to convert NaN to an integer without checking for it first, and this bug only affects the CPU version of TensorFlow.
TensorFlow version 2.8.0 had a bug in the `TensorKey` hash function (a function that converts data into a fixed-size code for quick lookups), where it incorrectly used `AllocatedBytes()` (an estimate of memory used by a tensor, including referenced data like strings) to access the actual tensor data bytes. This caused crashes because `AllocatedBytes()` doesn't represent the real contiguous memory buffer, and certain data types like `tstring` contain pointers rather than actual values.
TensorFlow, an open source machine learning platform, had a bug in versions before 2.9.0, 2.8.1, 2.7.2, and 2.6.4 where assertion macros (special code blocks that check if conditions are true) incorrectly compared different data types, specifically `size_t` and `int` values (two different ways to store whole numbers). This type confusion could cause assertions to trigger incorrectly due to how the computer converts between these different number types.
TensorFlow, an open source platform for machine learning, has a vulnerability in the `tf.raw_ops.EditDistance` function where incomplete validation allows users to pass negative values that cause a segmentation fault (a program crash from accessing invalid memory). An attacker could exploit this by crafting input that produces negative array indices, allowing writes before the intended array location and potentially crashing the system.
CVE-2022-29206 is a bug in TensorFlow (an open source machine learning platform) where a specific function called `tf.raw_ops.SparseTensorDenseAdd` doesn't properly check its input arguments, causing a nullptr (a reference pointing to nothing) to be accessed during execution, which leads to undefined behavior. This vulnerability affects TensorFlow versions before 2.9.0, 2.8.1, 2.7.2, and 2.6.4.
TensorFlow (an open-source machine learning platform) has a bug in older versions where calling certain compatibility functions with unsupported data types causes the program to crash. When the code tries to process a missing function, it attempts to use a null pointer (a reference to nothing in memory), which causes a segmentation fault (a type of crash where the program accesses memory it shouldn't).
TensorFlow, an open source platform for machine learning, has a vulnerability in one of its operations called `tf.raw_ops.UnsortedSegmentJoin` where it doesn't properly check its inputs before using them. If someone provides a negative number where a positive one is expected, the program crashes with an assertion failure, which can be used for a denial of service attack (making software unavailable by crashing it).
Fix: Update to TensorFlow 2.10.0 or apply the patch from GitHub commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f. If you are using TensorFlow 2.9.1, 2.8.1, or 2.7.2, updates including the fix will be released for these versions as well.
Fix: The issue has been patched in GitHub commit 37cefa91bee4eace55715eeef43720b958a01192. The fix will be included in TensorFlow 2.10.0, and will also be applied to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
Fix: The issue is patched in GitHub commit b4d4b4cb019bd7240a52daa4ba61e3cc814f0384. The fix will be included in TensorFlow 2.10.0 and will be backported (applied to older versions still being supported) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. The source notes there are no known workarounds.
Fix: The issue has been patched in GitHub commit 4142e47e9e31db481781b955ed3ff807a781b494, and the fix will be included in TensorFlow 2.10.0. It will also be backported (applied to older versions still being supported) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Users should update to these patched versions.
Fix: The fix will be included in TensorFlow 2.10.0. Patched versions will also be available in TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. The source notes there are no known workarounds for this issue.
Fix: The fix is included in TensorFlow 2.10.0. The patch will also be applied to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, which are still supported. Users should update to one of these patched versions. No workarounds are available until an update is applied.
Fix: Update to TensorFlow 2.10.0, or apply the cherrypick to versions 2.9.1, 2.8.1, or 2.7.2 (the patched versions for users on older supported releases). The fix is included in GitHub commit 61f0f9b94df8c0411f0ad0ecc2fec2d3f3c33555. There are no known workarounds for this issue.
Fix: Upgrade to Streamlit version 1.11.1 or later. The source explicitly states, 'This issue has been resolved in version 1.11.1. Users are advised to upgrade.' No workarounds are available.
Fix: Update TensorFlow to version 2.9.0, 2.8.1, 2.7.2, or 2.6.4 or later. The maintainers removed the `safe=False` argument, so all parsing is now done without calling `eval`.
Fix: Update TensorFlow to one of the patched versions: 2.9.0, 2.8.1, 2.7.2, or 2.6.4.
Fix: Update to TensorFlow versions 2.9.0, 2.8.1, 2.7.2, or 2.6.4, which contain a patch for this issue.
Fix: Update to TensorFlow versions 2.9.0, 2.8.1, 2.7.2, or 2.6.4, which contain a patch for this issue.
Fix: This issue is patched in TensorFlow versions 2.9.0 and 2.8.1.
Fix: Update TensorFlow to version 2.9.0, 2.8.1, 2.7.2, or 2.6.4 or later, as these versions contain a patch for this issue.
Fix: Update to TensorFlow versions 2.9.0, 2.8.1, 2.7.2, or 2.6.4, which contain a patch for this issue.
Fix: Update TensorFlow to versions 2.9.0, 2.8.1, 2.7.2, or 2.6.4 or later, which contain a patch for this issue.
Fix: Update to TensorFlow version 2.9.0, 2.8.1, 2.7.2, or 2.6.4 or later, which contain a patch for this issue.
Fix: Update TensorFlow to version 2.9.0, 2.8.1, 2.7.2, or 2.6.4 or later, as these versions contain a patch for this issue.