tensorflow is vulnerable to denial of service. The vulnerability exists due to the lack of santization of the allocation of memory during the implementation of ThreadPoolHandle
.
github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/experimental/threadpool_dataset_op.cc#L79-L135
github.com/tensorflow/tensorflow/commit/2350236983b10608231422d7d6bd636cdd85348d
github.com/tensorflow/tensorflow/commit/bf32fe44683b90e05f5ea35bed0456926915c5fb
github.com/tensorflow/tensorflow/commit/cf6959fce015c30557c755553fb9612a3bf7691d
github.com/tensorflow/tensorflow/commit/e3749a6d5d1e8d11806d4a2e9cc3123d1a90b75e
github.com/tensorflow/tensorflow/security/advisories/GHSA-c582-c96p-r5cq