Security vulnerabilities, privacy incidents, safety concerns, and policy updates affecting LLMs and AI agents.
TensorFlow (an open-source machine learning framework) has a vulnerability where certain operations can crash the program through denial of service attacks (making it unavailable by triggering assertion failures, which are safety checks in code that stop execution if something goes wrong). The developers have fixed the issue and plan to release patches across multiple supported versions.
Fix: The fix will be included in TensorFlow 2.8.0. Patches will also be cherry-picked (applied retroactively) to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3.
NVD/CVE DatabaseTensorFlow, an open-source machine learning framework, has a vulnerability in its `FractionalMaxPool` function (a pooling operation used in neural networks) that can crash the program through a division by zero error (attempting to divide a number by zero, which is mathematically undefined). The vulnerability affects multiple versions of TensorFlow.
TensorFlow, an open-source machine learning framework, has a vulnerability in its `MapStage` component where a CHECK-fail (a type of crash caused by a failed validation check) occurs if the key tensor (a multi-dimensional array of data) is not a scalar (a single value). This bug can cause the program to crash unexpectedly.
TensorFlow, an open-source machine learning framework, has a vulnerability in its `UnravelIndex` function caused by an integer overflow bug (a situation where a number becomes too large for the system to handle correctly) that leads to division by zero. This flaw affects multiple versions of TensorFlow and could allow attackers to crash or disrupt the software.
TensorFlow (an open-source machine learning framework) has a bug where a cost estimator for convolution operations can be forced to divide by zero because it doesn't check that the stride argument (a parameter controlling step size in operations) is positive. The fix adds validation to ensure the stride is valid before the operation runs.
TensorFlow (an open-source machine learning framework) has a vulnerability in the `AddManySparseToTensorsMap` function where an integer overflow (when a number gets too large for its storage space) causes the program to crash when creating new TensorShape objects. The problem exists because the code doesn't properly validate input tensor shapes before using them.
TensorFlow, an open-source machine learning framework, has a vulnerability in its `Sparse*Cwise*` operations (specialized math functions for sparse tensors, a type of data structure with mostly empty values) that can be exploited through integer overflows (when calculations produce numbers too large for the system to handle). An attacker could cause the system to run out of memory or crash by providing specially crafted input dimensions.
TensorFlow, an open-source machine learning framework, has a bug in the `SparseTensorSliceDataset` component where it can crash by dereferencing a null pointer (accessing memory that doesn't exist) when given certain inputs. The code doesn't properly check that its three input arguments meet required conditions before using them.
A bug in TensorFlow's `StringNGrams` function (a tool that breaks text into small overlapping pieces) allows attackers to crash the system by causing it to run out of memory through an integer overflow (when a number gets too large and wraps around to an incorrect value). The problem stems from missing validation on the `pad_width` parameter, which can result in a negative `ngram_width` value that causes excessive memory allocation.
TensorFlow (an open source machine learning framework) has a vulnerability in its `ThreadPoolHandle` component that allows attackers to cause a denial of service attack (making a service unavailable by overwhelming it) by allocating excessive memory. The problem exists because the code only checks that the `num_threads` argument is not negative, but does not limit how large the value can be.
TensorFlow, an open-source machine learning framework, has a bug in its shape inference (the process of figuring out data dimensions) for the `ConcatV2` operation that can be exploited to crash a program through a segfault (a memory access error). The vulnerability occurs because a type confusion (mixing up different data types) allows a negative value to bypass a safety check, potentially letting attackers cause a denial of service attack (making the system unavailable).
TensorFlow, an open-source machine learning framework, has a vulnerability in its `FractionalAvgPoolGrad` function that fails to validate input data properly, allowing an attacker to read memory from outside the intended bounds of the heap (out-of-bounds read, where a program accesses data it shouldn't). This is a memory safety issue that could let attackers access sensitive information.
TensorFlow, an open source machine learning framework, has a bug in its shape inference for the `ReverseSequence` operation where it doesn't properly check if the `batch_dim` parameter is a negative number, allowing it to read memory outside the intended array bounds (a heap OOB read, or out-of-bounds read that accesses invalid memory). While the code checks that `batch_dim` isn't larger than the input rank, it fails to reject negative values that are too extreme, which can cause the program to access memory before the start of the array.
TensorFlow, an open source machine learning framework, has a vulnerability in its shape inference for the `Dequantize` operation where the `axis` argument is not properly validated. An attacker can provide an unexpectedly large `axis` value that causes an integer overflow (when a number becomes too large and wraps around to a negative or incorrect value) when the code adds 1 to it.
TensorFlow, an open-source machine learning framework, has a bug in its `Dequantize` function where the `axis` parameter (which specifies which dimension to operate on) isn't properly validated. This allows attackers to read past the end of an array in memory, potentially causing crashes or exposing sensitive data through a heap OOB (out-of-bounds) access, which means reading memory locations outside the intended storage area.
A vulnerability in Oracle Java SE and Oracle GraalVM Enterprise Edition's JAXP component (a Java library for processing XML data) allows an attacker on the network to read some data they shouldn't have access to without needing to log in. The vulnerability affects several older versions of Java and can be exploited through web services or untrusted code running in a Java sandbox (a restricted environment meant to safely run untrusted programs).
pytorch-lightning (a popular machine learning library) contains a vulnerability related to deserialization of untrusted data (CWE-502, where a program unsafely processes data from an untrusted source, potentially allowing an attacker to run malicious code). The vulnerability was identified and reported through the huntr.dev bug bounty program.
Sockeye, an open-source tool for Neural Machine Translation (a type of AI that translates text between languages), had a security flaw in versions before 2.3.24 where it used unsafe YAML loading (a method to read configuration files without proper safety checks). An attacker could hide malicious code in a model's configuration file, and if a user downloaded and ran that model, the hidden code would execute on their computer.
Aim is an open-source tool for tracking machine learning experiments. Versions before 3.1.0 have a path traversal vulnerability (a type of attack where special sequences like '../' are used to access files outside the intended directory), which could allow attackers to read sensitive files like source code, configuration files, or system files on the server.
Fix: The fix will be included in TensorFlow 2.8.0. TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3 will also receive this fix through a cherrypick commit, as these versions are still supported.
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. The vulnerability will also be patched in TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, which are still in the supported range.
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3 will also receive this fix through a cherrypick (applying a specific code change to older versions).
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. The fix will also be back-ported to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, which are still in the supported range.
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. The fix will also be applied to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3 through a cherrypick (applying specific code changes to older versions).
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. The fix will also be backported (applied to older versions) in TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3.
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. The fix will also be applied to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, which are still in the supported range.
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3 will also receive this fix through cherrypicked commits (backports of the fix to older versions still being supported).
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0 and will also be backported to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3 (which are still supported versions).
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. The fix will also be applied to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3 through backports (applying the same fix to older supported versions).
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. Security patches will also be backported to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, which are still in the supported range.
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0 and will also be applied to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3 through cherrypicking (applying the same commit to older versions).
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. It will also be backported (applied to earlier versions) to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3.
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.8.0. The vulnerability will also be patched in TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3 through backported commits (cherrypicks).
NVD/CVE DatabaseFix: A patch is available in the pytorch-lightning repository at commit 62f1e82e032eb16565e676d39e0db0cac7e34ace. Users should update to this patched version to fix the deserialization vulnerability.
NVD/CVE DatabaseGradio, a framework for building interactive machine learning demos, had a vulnerability in versions before 2.5.0 where users could read any file on the host computer if they knew the file path, since file access wasn't restricted (though files could only be opened in read-only mode). This meant anyone with a link to a Gradio interface could potentially access sensitive files on the server.
Fix: Update to Gradio version 2.5.0 or later, where the vulnerability has been patched.
NVD/CVE DatabaseFix: The issue is fixed in version 2.3.24. Users should update to this version or later.
NVD/CVE DatabaseFix: Upgrade to Aim v3.1.0, where the vulnerability is resolved.
NVD/CVE Database