tensorflow is vulnerable for denial of service. The vulnerability exists because Compute(OpKernelContext* context)
function in maxpooling_op.cc
allows the attacker to make the gpu kernel give a check fail that can be used to trigger a denial of service attack by sending a window size input array with dimensions greater than its input tensor.
github.com/tensorflow/tensorflow/commit/32d7bd3defd134f21a4e344c8dfd40099aaf6b18
github.com/tensorflow/tensorflow/commit/36dd5ec5ba978563bc7a5b25bcd49ff339c35dfa
github.com/tensorflow/tensorflow/commit/bc967a05b534c498789ec7810cfd3e72973d0650
github.com/tensorflow/tensorflow/commit/f44c62973385b84df909d09e123a6851c6d1eb75
github.com/tensorflow/tensorflow/pull/57293
github.com/tensorflow/tensorflow/pull/57294
github.com/tensorflow/tensorflow/pull/57295
github.com/tensorflow/tensorflow/security/advisories/GHSA-j43h-pgmg-5hjq