摘要:
Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
安全等级: Low
公告ID: KylinSec-SA-2022-1871
发布日期: 2022年8月11日
关联CVE: CVE-2022-23580
Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2022-23580 | KY3.4-4A | tensorflow | Unaffected |
| CVE-2022-23580 | KY3.4-5A | tensorflow | Unaffected |
| CVE-2022-23580 | KY3.5.1 | tensorflow | Unaffected |
