Buffer Overflow Vulnerability in Google TensorFlow Product
CVE-2018-7575

9.8CRITICAL

Key Information:

Vendor: Google
Status: Tensorflow
Vendor: CVE Published:; 24 April 2019

What is CVE-2018-7575?

Google TensorFlow versions up to 1.7.x are susceptible to a buffer overflow vulnerability, which can potentially lead to exploitation in a specific context. Attackers may leverage this vulnerability to manipulate data falsely in the system, which could result in unintended behavior or compromises in system integrity. Developers and users of TensorFlow are advised to review security patches and recommendations to mitigate potential threats associated with this vulnerability.

References

https://github.com/tensorflow/tensorflow/blob/master/tens...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 24, 2019
Vulnerability Reserved
Feb 28, 2018