Wind River Support Network

HomeDefectsLIN1022-2444
Fixed

LIN1022-2444 : Security Advisory - tensorflow - CVE-2022-41884

Created: Nov 17, 2022    Updated: Feb 13, 2023
Resolved Date: Feb 13, 2023
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

TensorFlow is an open source platform for machine learning. If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. We have patched the issue in GitHub commit 2b56169c16e375c521a3bc8ea658811cc0793784. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

https://nvd.nist.gov/vuln/detail/CVE-2022-41884
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube