CVE-2022-36026 TensorFlow is an open source platform for machine learning. If `QuantizeAndDequantizeV3` is given a non-scalar `num_bits` input, it results in a `CHECK` fail that can be used to trigger a denial of service attack.

If you are using TensorFlow on a production machine, it is recommended that you upgrade to the latest version. TensorFlow is an open source software and changes in any version may cause backward incompatibilities. Upgrading to a newer version may solve the issue. We are working on releasing a patch for this situation. In the meantime, there are a few workarounds: - If TensorFlow is running on a machine with low resource capacity (e.g., CPU or memory), it is recommended that you set `enable_concurrency=False` in the `tensorflow.common.python` configuration.

- If you have a CPU that supports Intel® MKL, we recommend upgrading to TensorFlow 2.9.1.

- Use tf.compat.v1d_tensor to avoid the issue.

- If you are on TensorFlow 2.7.2, the issue can be worked around by enabling `enable_concurrency=False`. - If you are on TensorFlow 2.8.1 or 2.9.0, we recommend upgrading to TensorFlow 2.9.1.
A CVE has been assigned to this issue. The Common Vulnerabilities and Exposures project has assigned the CVE-2018-11776 to this issue. We would appreciate if you could help us in the independent research by identifying any online resources where this issue is being used to cause a denial


If you want to grow your business, great search engine optimization (SEO) is a must. The challenge? Many small businesses don’t have the time, skills, or expertise necessary to handle everything that comes with a solid SEO strategy. From keyword research to content evaluation, from page optimization to internal linking, it’s easy for companies to end up with a generic web presence that doesn’t inspire engagement or drive conversions.

From the article: "The challenge? Many small businesses don’t have the time, skills, or expertise necessary to handle everything that comes with a solid SEO strategy."
Outsourcing can be a good idea because if you are too busy trying to manage your own SEO campaign, then it may not be working as well as it could. It also is easier for you not to have to worry about updating and changing things when someone else handles them for you so you can focus on developing the core of your business.



How to Outsource SEO Correctly & Avoid the 5 Most Common Mistakes


In TensorFlow 2.9.1, there is a regression in the session_replay module that allows an adversary to learn the input values of any computation. This present a serious threat to users who are using TensorFlow for machine learning in production applications. A CVE has been assigned to this issue.


Published on: 09/16/2022 22:15:00 UTC
Last modified on: 09/20/2022 14:55:00 UTC
