Google · Tensorflow · CVE-2021-41197
**Name of the Vulnerable Software and Affected Versions**
TensorFlow versions prior to 2.7.0
TensorFlow versions 2.6.0 through 2.6.0
TensorFlow versions 2.5.0 through 2.5.1
TensorFlow versions 2.4.0 through 2.4.3
**Description**
TensorFlow allows tensors to have a large number of dimensions, and each dimension can be as large as desired. However, the total number of elements in a tensor must fit within an `int64_t`. If an overflow occurs, `MultiplyWithoutOverflow` would return a negative result, resulting in a `CHECK`-failure in the majority of the TensorFlow codebase. Newer constructs exist which return a `Status` instead of crashing the binary. For example, calls to `AddDim` should be replaced by `AddDimWithStatus`.
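The pattern described above, as an added sketch that is not TensorFlow's own code: an overflow-checked multiply that signals failure with a negative value, and a shape validator that hands the error back to the caller instead of aborting the process. The names `checked_mul`, `ShapeError`, `ShapeResult` and `num_elements_with_status` are hypothetical.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>
#include <vector>

// Hypothetical helper (not TensorFlow's MultiplyWithoutOverflow): multiplies two
// non-negative int64_t values and returns -1 when the product does not fit.
int64_t checked_mul(int64_t x, int64_t y) {
  if (x < 0 || y < 0) return -1;
  if (x == 0 || y == 0) return 0;
  // Divide instead of multiplying so the check itself cannot overflow.
  if (x > std::numeric_limits<int64_t>::max() / y) return -1;
  return x * y;
}

enum class ShapeError { kOk, kNegativeDim, kOverflow };

struct ShapeResult {
  ShapeError error;
  int64_t num_elements;  // meaningful only when error == kOk
};

// Validates an untrusted shape. A bad shape becomes an error value the caller
// can turn into a failed request, rather than a crash of the whole binary.
ShapeResult num_elements_with_status(const std::vector<int64_t>& dims) {
  int64_t total = 1;
  for (int64_t d : dims) {
    if (d < 0) return {ShapeError::kNegativeDim, 0};
    total = checked_mul(total, d);
    if (total < 0) return {ShapeError::kOverflow, 0};
  }
  return {ShapeError::kOk, total};
}

int main() {
  // Constructed sample shapes: one ordinary, one whose element count is 2^64.
  const std::vector<std::vector<int64_t>> shapes = {
      {2, 3, 4}, {int64_t{1} << 32, int64_t{1} << 32}};
  for (const auto& s : shapes) {
    ShapeResult r = num_elements_with_status(s);
    if (r.error == ShapeError::kOk)
      std::printf("ok: %lld elements\n", static_cast<long long>(r.num_elements));
    else
      std::printf("rejected: invalid shape\n");
  }
  return 0;
}
```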
**Recommendations**
For versions prior to 2.7.0, update to TensorFlow 2.7.0 or later.
For versions 2.6.0 through 2.6.0, update to TensorFlow 2.6.1 or later.
For versions 2.5.0 through 2.5.1, update to TensorFlow 2.5.2 or later.
For versions 2.4.0 through 2.4.3, update to TensorFlow 2.4.4 or later.