漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
`CHECK` fail in `FakeQuantWithMinMaxVarsGradient` in TensorFlow
漏洞信息
TensorFlow is an open source platform for machine learning. When `tf.quantization.fake_quant_with_min_max_vars_gradient` receives input `min` or `max` that is nonscalar, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit f3cf67ac5705f4f04721d15e485e192bb319feed. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.
漏洞信息
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞
可达断言
漏洞
Google TensorFlow 安全漏洞
漏洞信息
Google TensorFlow是美国谷歌(Google)公司的一套用于机器学习的端到端开源平台。 Google TensorFlow 存在安全漏洞,该漏洞源于当 tf.quantization.fake_quant_with_min_max_vars_gradient 接收到非标量的输入 min 或 max 时,它会给出可能触发拒绝服务攻击的断言失败。该漏洞将在 2.10.0 版本, 2.9.1 版本, 2.8.1 版本, 2.7.2 版本中得到修复。
漏洞信息
N/A
漏洞
N/A