In TensorFlow before version 2.6.0 an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check that they are in increasing order.
In TensorFlow before version 2.6.0 an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check that they are in increasing order.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4xfp-4pfp-89wg https://github.com/tensorflow/tensorflow/commit/1071f554dbd09f7e101324d366eec5f4fe5a3ece