Google · Tensorflow · CVE-2022-41902
**Name of the Vulnerable Software and Affected Versions**
TensorFlow versions prior to 2.11.0
TensorFlow versions 2.8.4, 2.9.3, and 2.10.1 are affected, but will be patched with a cherrypick commit.
**Description**
The function `MakeGrapplerFunctionItem` takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.
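The bug class described above is an index taken from the input side being used to address the output side without first checking it against the output count. The following is an added illustration written for this page, not TensorFlow's code and not the actual `MakeGrapplerFunctionItem` implementation: a hypothetical helper wires caller-supplied input positions to output slots, shown once in the unchecked form that reads past the end of the buffer and once in a hardened form that validates every position before any memory is touched. The names `WireUnchecked`, `WireChecked` and `Status` are assumptions made for the example.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Minimal status type for the example (assumed, not a TensorFlow type).
struct Status {
  bool ok;
  std::string message;
};

// Unchecked form: each input position is used directly as an index into
// `outputs`. A position >= outputs.size() reads past the end of the vector,
// which is an out-of-bounds read or a crash depending on what lies there.
std::vector<int> WireUnchecked(const std::vector<std::size_t>& input_positions,
                               const std::vector<int>& outputs) {
  std::vector<int> wired;
  for (std::size_t pos : input_positions) {
    wired.push_back(outputs[pos]);  // no bounds check
  }
  return wired;
}

// Hardened form: validate every input position against the number of outputs
// up front and report an error instead of indexing past the end.
Status WireChecked(const std::vector<std::size_t>& input_positions,
                   const std::vector<int>& outputs,
                   std::vector<int>* wired) {
  for (std::size_t pos : input_positions) {
    if (pos >= outputs.size()) {
      return {false, "input position " + std::to_string(pos) +
                         " out of range for " +
                         std::to_string(outputs.size()) + " outputs"};
    }
  }
  // Only after all positions are known to be in range do we touch memory.
  wired->clear();
  for (std::size_t pos : input_positions) {
    wired->push_back(outputs[pos]);
  }
  return {true, ""};
}

int main() {
  // Constructed sample: three output slots, one valid and one invalid wiring.
  const std::vector<int> outputs{10, 20, 30};
  std::vector<int> wired;

  Status s = WireChecked({0, 2}, outputs, &wired);
  std::cout << "valid wiring: ok=" << s.ok << " size=" << wired.size() << "\n";

  s = WireChecked({0, 3}, outputs, &wired);
  std::cout << "invalid wiring: ok=" << s.ok << " msg=" << s.message << "\n";
  return 0;
}
```

The design point is that the check happens in a separate pass before the loop that dereferences, so a single bad position rejects the whole request rather than partially populating the result and then faulting.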
**Recommendations**
For versions prior to 2.11.0, update to TensorFlow 2.11.0 to resolve the issue.
For versions 2.8.4, 2.9.3, and 2.10.1, apply the cherrypick commit to resolve the issue.
As a temporary workaround, consider restricting the use of the `MakeGrapplerFunctionItem` function until the fixed release or the cherrypick commit can be applied.