TensorFlow is vulnerable to remote code execution. The vulnerability exists due to a heap out-of-bounds (OOB) write in Grappler,
which allows an attacker to use the set_output
function to write to an array at the specified index.
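
The bug class described above, as an added example that is not TensorFlow's code: a simplified C++ model in which a setter writes at a caller-supplied index with no bounds test, next to a caller-side range check that rejects the index first. ToyContext, SetOutputChecked and CountRejected are hypothetical names, and the indices are constructed sample values.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Simplified stand-in for a shape-inference context (hypothetical, not
// TensorFlow's class): one slot per declared output of a node.
struct ToyContext {
  std::vector<int> outputs;
  explicit ToyContext(std::size_t n) : outputs(n, -1) {}
  int num_outputs() const { return static_cast<int>(outputs.size()); }

  // Unchecked setter: writes at idx with no bounds test. An idx outside
  // [0, num_outputs()) would write past the heap buffer.
  void set_output(int idx, int shape) { outputs[idx] = shape; }
};

// Hardened caller: validate an index that comes from untrusted graph data
// before it reaches the unchecked setter, and report an error instead.
bool SetOutputChecked(ToyContext& ctx, int idx, int shape, std::string* err) {
  if (idx < 0 || idx >= ctx.num_outputs()) {
    *err = "output index " + std::to_string(idx) + " out of range [0, " +
           std::to_string(ctx.num_outputs()) + ")";
    return false;
  }
  ctx.set_output(idx, shape);
  return true;
}

// Feeds in-range, too-large and negative indices through the checked path
// and returns how many were rejected.
int CountRejected() {
  ToyContext ctx(2);
  std::string err;
  int rejected = 0;
  const int indices[] = {0, 1, 2, -1, 1000};  // constructed sample indices
  for (int idx : indices) {
    if (!SetOutputChecked(ctx, idx, 7, &err)) ++rejected;
  }
  return rejected;
}

int main() { return CountRejected() == 3 ? 0 : 1; }
```
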
github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.h#L394
github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/graph_properties.cc#L1132-L1141
github.com/tensorflow/tensorflow/commit/97282c6d0d34476b6ba033f961590b783fa184cd
github.com/tensorflow/tensorflow/security/advisories/GHSA-5qw5-89mw-wcg2