TensorFlow is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the improper validation checks in the library, which leads to a segmentation fault with a null pointer dereference in ParallelConcat
with XLA
, allowing an attacker to cause an application crash when the given parameter shape
with a rank that is not greater than zero.
CPE | Name | Operator | Version |
---|---|---|---|
tensorflow | le | 2.11.0 | |
tensorflow-cpu | le | 2.11.0 | |
tensorflow-gpu | le | 2.11.0 | |
tensorflow | le | 2.11.0 | |
tensorflow-cpu | le | 2.11.0 | |
tensorflow-gpu | le | 2.11.0 |