tensorflow is vulnerable to denial of service (DoS) attacks. A malicious user is able to cause a null dereference by providing empty function attributes to the mlir::tfg::ConvertGenericFunctionToFunctionDef
function, causing the application to crash.
github.com/tensorflow/tensorflow/commit/0e0a0aa1513d3ff41080a4f5bc9f633985b2ff79
github.com/tensorflow/tensorflow/commit/21433b64b1b01261c77a147a115123171a86ee01
github.com/tensorflow/tensorflow/commit/aed36912609fc07229b4d0a7b44f3f48efc00fd0
github.com/tensorflow/tensorflow/commit/d63e1407ddf8d3a166b4db88b36cfee59589671d
github.com/tensorflow/tensorflow/pull/57331
github.com/tensorflow/tensorflow/pull/57332
github.com/tensorflow/tensorflow/pull/57333
github.com/tensorflow/tensorflow/security/advisories/GHSA-fqxc-pvf8-2w9v