tensorflow is vulnerable to denial of service attacks. The vulnerability exists because ‘CopyDataFromTensorSliceToTensorSlice’ is not properly validated. An attacker is able to cause a buffer overflow by changing the saved checkpoints from outside the TensorFlow which results in an application crash.
github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec
github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578
github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad
github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2
github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2