Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-MW6V-CRH8-8533
HistoryApr 30, 2019 - 3:36 p.m.

Integer Overflow or Wraparound in Google TensorFlow

2019-04-3015:36:41
Google
osv.dev
8

AI Score

9.5

Confidence

High

EPSS

0.001

Percentile

46.3%

JSON

Issue Description

Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent. The block size in meta file might contain a large int64 value which causes an integer overflow upon addition. Subsequent code using n as index may cause an out-of-bounds read.

Impact

A maliciously crafted meta checkpoint could be used to cause the TensorFlow process to perform an out of bounds read on in process memory.

Related

cvelist 1
osv 4
nvd 1
cve 1
prion 1
veracode 1
github 1
cvelist
cvelist
CVE-2018-7575
2019-04-24 20:44:16
osv
osv
CVE-2018-7575
2019-04-24 21:29:00
PYSEC-2019-230
2019-04-24 21:29:00
PYSEC-2019-205
2019-04-24 21:29:00
nvd
nvd
CVE-2018-7575
2019-04-24 21:29:00
cve
cve
CVE-2018-7575
2019-04-24 21:29:00
prion
prion
Buffer overflow
2019-04-24 21:29:00
veracode
veracode
Denial Of Service (DoS)
2019-04-25 06:47:32
github
github
Integer Overflow or Wraparound in Google TensorFlow
2019-04-30 15:36:41

AI Score

9.5

Confidence

High

EPSS

0.001

Percentile

46.3%

JSON
Related for OSV:GHSA-MW6V-CRH8-8533
cvelist1osv4nvd1cve1prion1veracode1github1