Out-of-bounds read in TensorFlow possibly causing disclosure of the contents of process memory.
Moderate severity
GitHub Reviewed
Published May 13, 2020 to the GitHub Advisory Database • Updated Jan 9, 2023
Reviewed May 13, 2020
Description
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decode_bmp_op.cc.
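The advisory does not show the affected code or say which computation overflows. The following is an added illustration of the bug class only, not TensorFlow's code: a pixel-buffer size derived from untrusted BMP header fields wraps in 32-bit arithmetic and passes a bounds check, while a widened, validated check rejects the same header. The struct, function names and sample dimensions are hypothetical and constructed for the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>

// Hypothetical header fields, as read from an untrusted BMP file.
struct BmpDims {
  int32_t width;
  int32_t height;    // negative height means top-down row order
  int32_t channels;  // bytes per pixel: 1, 3 or 4
};

// Weak check: the product is truncated to 32 bits, so large dimensions
// wrap to a small value and the comparison passes.
bool weak_fits(const BmpDims& d, size_t pixel_bytes_available) {
  uint32_t needed = static_cast<uint32_t>(d.width) *
                    static_cast<uint32_t>(d.height) *
                    static_cast<uint32_t>(d.channels);
  return needed <= pixel_bytes_available;
}

// Hardened check: validate each field, widen to 64 bits, and compare by
// division so no intermediate product can wrap.
bool checked_fits(const BmpDims& d, size_t pixel_bytes_available) {
  if (d.width <= 0 || d.height == 0 ||
      d.height == std::numeric_limits<int32_t>::min())
    return false;
  if (d.channels != 1 && d.channels != 3 && d.channels != 4) return false;
  const uint64_t w = static_cast<uint64_t>(d.width);
  const int64_t signed_h = d.height;
  const uint64_t h = static_cast<uint64_t>(signed_h < 0 ? -signed_h : signed_h);
  // BMP rows are padded to a multiple of 4 bytes; w * 4 < 2^33 fits easily.
  const uint64_t row = (w * static_cast<uint64_t>(d.channels) + 3) / 4 * 4;
  return row <= static_cast<uint64_t>(pixel_bytes_available) / h;
}

int main() {
  const BmpDims huge{65536, 65536, 4};  // constructed: product is 2^34
  std::printf("weak=%d checked=%d\n", weak_fits(huge, 1024),
              checked_fits(huge, 1024));
  return 0;
}
```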
References