tensorflow is vulnerable to denial of service (DoS) attacks. A segmentation fault in RaggedBincount
could be triggered via an empty input tensor through splits
, which allows remote attackers to cause denial of service conditions in the system.
github.com/tensorflow/tensorflow/commit/2b998df403236e915929784b9675c1d6b467e905
github.com/tensorflow/tensorflow/commit/4120fc7ae19b5f04ee95d37344da857a28cd02f8
github.com/tensorflow/tensorflow/commit/5475c0dd0f2fdb9aa8a7297d9cc71e06b7a0a552
github.com/tensorflow/tensorflow/commit/7a4591fd4f065f4fa903593bc39b2f79530a74b8
github.com/tensorflow/tensorflow/pull/57287
github.com/tensorflow/tensorflow/pull/57288
github.com/tensorflow/tensorflow/pull/57289
github.com/tensorflow/tensorflow/security/advisories/GHSA-wr9v-g9vf-c74v