CVE-2023-25658

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.12.0 and 2.11.1

Description TensorFlow, an open source platform for machine learning, has an issue where an out of bounds read occurs in GRUBlockCellGrad. The function tf.raw ops.GRUBlockCellGrad is affected, with parameters such as x, h prev, w ru, w c, b ru, b c, r, u, c, and d h being used. This issue has been reported and a fix is included in versions 2.12.0 and 2.11.1.

Recommendations For versions prior to 2.12.0, update to version 2.12.0 to resolve the issue. For versions prior to 2.11.1, update to version 2.11.1 to resolve the issue. As a temporary workaround, consider restricting the use of the tf.raw ops.GRUBlockCellGrad function until a patch is applied.