PYSEC-2026-954
TensorFlow has Floating Point Exception in TFLite in conv kernel
Details
### Impact Constructing a tflite model with a paramater `filter_input_channel` of less than 1 gives a FPE.
### Patches We have patched the issue in GitHub commit [34f8368c535253f5c9cb3a303297743b62442aaa](https://github.com/tensorflow/tensorflow/commit/34f8368c535253f5c9cb3a303297743b62442aaa).
The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.
### For more information Please consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.
### Attribution This vulnerability was reported by Wang Xuan of Qihoo 360 AIVul Team.
Are you affected?
Enter the version of the package you're using.
Affected packages
0 Fixed in: 2.11.1 pip install --upgrade 'tensorflow-gpu>=2.11.1' References
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8 [WEB]
- https://nvd.nist.gov/vuln/detail/CVE-2023-27579 [ADVISORY]
- https://github.com/tensorflow/tensorflow/commit/34f8368c535253f5c9cb3a303297743b62442aaa [WEB]
- https://github.com/tensorflow/tensorflow [PACKAGE]
- https://pypi.org/project/tensorflow-gpu [PACKAGE]
- https://github.com/advisories/GHSA-5w96-866f-6rm8 [ADVISORY]