tensorflow is vulnerable to denial of service. Changing of the SavedModel protocol buffer and altering the name of required keys result in segfaults and data corruption while loading the model. This allows an attacker to cause a denial of service in products using the tensorflow-serving or other inference-as-a-service installments.