BIT-tensorflow-2023-27579

Import Source

https://github.com/bitnami/vulndb/tree/main/data/tensorflow/BIT-tensorflow-2023-27579.json

Aliases

CVE-2023-27579
GHSA-5w96-866f-6rm8

Published

2024-03-06T11:06:50.569Z

Modified

2024-03-06T11:25:28.861Z

Details

TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater filter_input_channel of less than 1 gives a FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1.

References

https://github.com/tensorflow/tensorflow/commit/34f8368c535253f5c9cb3a303297743b62442aaa
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8

Affected packages

Bitnami / tensorflow

Package

Name: tensorflow

Affected ranges

Type: SEMVER
Events: Introduced

0The exact introduced commit is unknown

Fixed

2.12.0