2398198 – (CVE-2025-55559) CVE-2025-55559 tensorflow: Conv2D with 'valid' padding causes XLA compile crash leading to denial of service

Bug 2398198 (CVE-2025-55559) - CVE-2025-55559 tensorflow: Conv2D with 'valid' padding causes XLA compile crash leading to denial of service

Summary: CVE-2025-55559 tensorflow: Conv2D with 'valid' padding causes XLA compile cra...

Keywords:
Status:	NEW
Alias:	CVE-2025-55559
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-09-25 16:01:46 UTC

An issue was discovered TensorFlow v2.18.0. A Denial of Service (DoS) occurs when padding is set to 'valid' in tf.keras.layers.Conv2D.

Note You need to log in before you can comment on or make changes to this bug.