Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

vendredi 23 octobre 2020

TensorFlow up to 2.3.x Dimensions tf.quantization.quantize_and_dequantize axis out-of-bounds read

A vulnerability was found in TensorFlow up to 2.3.x (Artificial Intelligence Software). It has been rated as problematic. Affected by this issue is the function tf.quantization.quantize_and_dequantize of the component Dimensions Handler. Upgrading to version 2.4.0 eliminates this vulnerability. Applying the patch eccb7ec454e6617738554a255d77f08e60ee0808 is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Lien vers l'article source

Auteur: VulDB

Catégories: VulDBNombre de vues: 30

x

Événements SSI