Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

vendredi 23 octobre 2020

TensorFlow up to 2.3.x Large Value tf.image.crop_and_resize boxes memory corruption

A vulnerability classified as problematic has been found in TensorFlow up to 2.3.x (Artificial Intelligence Software). This affects the function tf.image.crop_and_resize of the component Large Value Handler. Upgrading to version 2.4.0 eliminates this vulnerability. Applying the patch eccb7ec454e6617738554a255d77f08e60ee0808 is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Lien vers l'article source

Auteur: VulDB

Catégories: VulDBNombre de vues: 31

x

Événements SSI