CVE-2023-33976
published 2024-07-30CVE-2023-33976: TensorFlow is an end-to-end open source platform for machine learning. `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. The fix will…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
TensorFlow is an end-to-end open source platform for machine learning. `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tensorflow | — | — |
| tensorflow | < 2.13.0 | 2.13.0 | |
| intel | optimization_for_tensorflow | >= 0 < 2.12.1 | 2.12.1 |
| msrc | cbl2_tensorflow_2.11.1-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| tensorflow | tensorflow | < 2.13.0 | 2.13.0 |