tensorflow is vulnerable to denial of service. The vulnerability exists Compute
function of conv_grad_input_ops.h
because the CPU/GPU kernels are not properly handled for empty out_backprop
inputs which allows an attacker to cause an application crash by sending malicious inputs.
Vendor | Product | Version | CPE |
---|---|---|---|
* | tensorflow-cpu | * | cpe:2.3:a:*:tensorflow-cpu:*:*:*:*:*:*:*:* |
* | tensorflow-gpu | * | cpe:2.3:a:*:tensorflow-gpu:*:*:*:*:*:*:*:* |
tensorflow | tensorflow | * | cpe:2.3:a:tensorflow:tensorflow:*:*:*:*:*:*:*:* |
github.com/tensorflow/tensorflow/commit/27a65a43cf763897fecfa5cdb5cc653fc5dd0346
github.com/tensorflow/tensorflow/commit/5d895642b569553863df4047a5d1f8f2c16c0f9a
github.com/tensorflow/tensorflow/commit/c7fb62e7a404fba6bf6affc9dfe7438ae540d0a6
github.com/tensorflow/tensorflow/commit/d0bf8d0ce00defd0046003670f8d63542dcb4bd4
github.com/tensorflow/tensorflow/pull/57296
github.com/tensorflow/tensorflow/pull/57297
github.com/tensorflow/tensorflow/pull/57298
github.com/tensorflow/tensorflow/security/advisories/GHSA-37jf-mjv6-xfqw