Lucene search
Veracode Vulnerability DatabaseVERACODE:32845HistoryNov 08, 2021 - 7:43 p.m.
Denial Of Service (DoS)
2021-11-0819:43:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
denial of service tensorflow vulnerability buffer overflow application crash
EPSS
0
Percentile
14.2%
tensorflow is vulnerable to denial of service attacks. The vulnerability exists because ‘CopyDataFromTensorSliceToTensorSlice’ is not properly validated. An attacker is able to cause a buffer overflow by changing the saved checkpoints from outside the TensorFlow which results in an application crash.
References
github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec
github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578
github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad
github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2
github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2
Related
cnvd
cnvd
Google TensorFlow data forgery problem vulnerability
2021-11-24 00:00:00
osv
osv
PYSEC-2021-811
2021-11-05 21:15:00
PYSEC-2021-613
2021-11-05 21:15:00
Missing validation during checkpoint loading
2021-11-10 19:12:46
prion
prion
Integer overflow
2021-11-05 21:15:00
cve
cve
CVE-2021-41203
2021-11-05 21:15:08
nvd
nvd
CVE-2021-41203
2021-11-05 21:15:08
cvelist
cvelist
CVE-2021-41203 Missing validation during checkpoint loading
2021-11-05 21:05:13
github
github
Missing validation during checkpoint loading
2021-11-10 19:12:46
