» 2023 » 3월

CVE-2023-25671

Posted on 2023년 3월 25일2023년 3월 25일 by admin

CVE-2023-25671

TensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Source: CVE-2023-25671

CVE-2023-25664

Posted on 2023년 3월 25일2023년 3월 25일 by admin

CVE-2023-25664

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1.

Source: CVE-2023-25664

CVE-2023-25669

Posted on 2023년 3월 25일2023년 3월 25일 by admin

CVE-2023-25669

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for `tf.raw_ops.AvgPoolGrad`, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Source: CVE-2023-25669

CVE-2023-25670

Posted on 2023년 3월 25일2023년 3월 25일 by admin

CVE-2023-25670

TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Source: CVE-2023-25670

CVE-2023-25667

Posted on 2023년 3월 25일2023년 3월 25일 by admin

CVE-2023-25667

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when `2^31 <= num_frames * height * width * channels < 2^32`, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Source: CVE-2023-25667

CVE-2023-25668

Posted on 2023년 3월 25일2023년 3월 25일 by admin

CVE-2023-25668

TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick this commit on TensorFlow version 2.11.1.

Source: CVE-2023-25668

CVE-2023-25672

Posted on 2023년 3월 25일2023년 3월 25일 by admin

CVE-2023-25672

TensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Source: CVE-2023-25672

CVE-2023-25674

Posted on 2023년 3월 25일2023년 3월 25일 by admin

CVE-2023-25674

TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1.

Source: CVE-2023-25674

CVE-2023-25666

Posted on 2023년 3월 25일2023년 3월 25일 by admin

CVE-2023-25666

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Source: CVE-2023-25666

CVE-2023-25675

Posted on 2023년 3월 25일2023년 3월 25일 by admin

CVE-2023-25675

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1.

Source: CVE-2023-25675