漏洞标题
通过无效的Ragged张量导致的空指针解引用
漏洞描述信息
通过无效的Ragged Tensors导致的空指针解引。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
Null pointer dereference via invalid Ragged Tensors
漏洞描述信息
TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.RaggedTensorToVariant` with arguments specifying an invalid ragged tensor results in a null pointer dereference. The implementation of `RaggedTensorToVariant` operations(https://github.com/tensorflow/tensorflow/blob/904b3926ed1c6c70380d5313d282d248a776baa1/tensorflow/core/kernels/ragged_tensor_to_variant_op.cc#L39-L40) does not validate that the ragged tensor argument is non-empty. Since `batched_ragged` contains no elements, `batched_ragged.splits` is a null vector, thus `batched_ragged.splits(0)` will result in dereferencing `nullptr`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
CVSS信息
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
漏洞类别
空指针解引用
漏洞标题
Google TensorFlow 代码问题漏洞
漏洞描述信息
Google TensorFlow是美国谷歌(Google)公司的一套用于机器学习的端到端开源平台。 TensorFlow 2.4.2,2.3.3,2.2.3,2.1.4 存在代码问题漏洞,该漏洞源于调用的tf.raw_ops.RaggedTensorToVariant带参数指定无效的不规则张量将导致空指针解引用。
CVSS信息
N/A
漏洞类别
代码问题