GHSA-WQ6Q-6M32-9RV9 TensorFlow vulnerable to `CHECK` fail in `SetSize`

Impact When SetSize receives an input setshape that is not a 1D tensor, it gives a CHECK fails that can be used to trigger a denial of service attack. python import tensorflow as tf arg0=1 arg1=1,1 arg2=1 arg3=True arg4='' tf.rawops.SetSizesetindices=arg0, setvalues=arg1, setshape=arg2,...

PT-2022-23091 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue occurs when the SetSize function receives an input set shape that is...