GHSA-Q7F7-544H-67H9 FPE in TFLite pooling operations

Impact The implementations of pooling in TFLite are vulnerable to division by 0 errors as there are no checks for divisors not being 0. Patches We have patched the issue in GitHub commit dfa22b348b70bb89d6d6ec0ff53973bacb4f4695. The fix will be included in TensorFlow 2.6.0. We will also cherrypic...

PT-2021-21803 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: The implementations of pooling in TFLite are vulnerable to division by 0 errors ...