TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when the parameter `summarize` of `tf.raw_ops.Print` is zero, the new method `SummarizeArray<bool>` will reference to a nullptr, leading to a seg fault. A fix is included in TensorFlow version 2.12 and version 2.11.1.
References
Link | Resource |
---|---|
https://github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1 | Patch |
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj | Patch Vendor Advisory |
Configurations
History
07 Nov 2023, 04:09
Type | Values Removed | Values Added |
---|---|---|
Summary | TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when the parameter `summarize` of `tf.raw_ops.Print` is zero, the new method `SummarizeArray<bool>` will reference to a nullptr, leading to a seg fault. A fix is included in TensorFlow version 2.12 and version 2.11.1. |
30 Mar 2023, 19:41
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Google
Google tensorflow |
|
References | (MISC) https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj - Patch, Vendor Advisory | |
References | (MISC) https://github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1 - Patch |
25 Mar 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-25 00:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-25660
Mitre link : CVE-2023-25660
CVE.ORG link : CVE-2023-25660
JSON object : View
Products Affected
- tensorflow
CWE
CWE-476
NULL Pointer Dereference