Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. The vulnerability exists because the Conv3DTranspose function of conv3dtranspose.h does not properly increment the dataptr value, resulting in buffer overflows if numchannels outputnumchannels, allowing an attacker to cause an application crash by...

GHSA-H6Q3-VV32-2CQ5 Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite

Impact The reference kernel of the CONV3DTRANSPOSE TensorFlow Lite operator wrongly increments the dataptr when adding the bias to the result. Instead of dataptr += numchannels; it should be dataptr += outputnumchannels; as if the number of input channels is different than the number of output...