tensorflow is vulnerable to integer overflow. The vulnerability exists in OpLevelCostEstimator::CalculateOutputSize
function of op_level_cost_estimator.cc
because it doesn’t validate the size of the user input which leads to an application crash.
github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/op_level_cost_estimator.cc#L1598-L1617
github.com/tensorflow/tensorflow/commit/b9bd6cfd1c50e6807846af9a86f9b83cafc9c8ae
github.com/tensorflow/tensorflow/security/advisories/GHSA-wm93-f238-7v37