TensorFlow GIF Decoder DoS — Proof of Concept

CVE: Pending
Severity: High (CVSS 7.5) — CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
Affected: tensorflow — DecodeGifV2 in decode_image_op.cc

Summary

A 35-byte crafted GIF file triggers a ~3 GB unbounded memory allocation in TensorFlow's DecodeGifV2 kernel, crashing the process with an OOM. The inconsistency is that the BMP/PNG/WebP decoders in the same file enforce hard limits on the decoded image size, while the GIF path does not.
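Until the kernel itself enforces a limit, a caller can refuse oversized inputs before they reach the decoder. The following is an added example written for this page, not code from the PoC or from TensorFlow: it reads the GIF logical screen descriptor (width and height, little-endian, right after the GIF87a/GIF89a signature) and rejects files whose declared canvas would exceed a byte budget. The budget value and the sample headers are constructed assumptions; the estimate uses the 3 RGB channels of tf.io.decode_gif's documented output shape and covers one frame only, since the frame count is not known until the full stream is parsed.

```python
import struct

# Budget for one decoded frame. The figure is an assumption for this example;
# size it to what the process can actually afford.
MAX_DECODED_BYTES = 256 * 1024 * 1024  # 256 MiB

GIF_SIGNATURES = (b"GIF87a", b"GIF89a")
GIF_HEADER_LEN = 13  # 6-byte signature + 7-byte logical screen descriptor

# Constructed sample headers (signature + logical screen descriptor only),
# used to exercise both sides of the check. Not files from the report.
SMALL_GIF_HEADER = b"GIF89a" + struct.pack("<HH", 8, 8) + b"\x00\x00\x00"
OVERSIZED_GIF_HEADER = b"GIF89a" + struct.pack("<HH", 65535, 65535) + b"\x00\x00\x00"


def gif_logical_screen(data: bytes) -> tuple[int, int]:
    """Return (width, height) declared in the GIF logical screen descriptor.

    Raises ValueError when the bytes do not start with a complete GIF header.
    """
    if len(data) < GIF_HEADER_LEN:
        raise ValueError("truncated GIF header")
    if data[:6] not in GIF_SIGNATURES:
        raise ValueError("missing GIF87a/GIF89a signature")
    width, height = struct.unpack_from("<HH", data, 6)
    return width, height


def estimated_decoded_bytes(data: bytes, channels: int = 3) -> int:
    """Bytes a single decoded uint8 frame of the declared canvas would occupy.

    channels=3 matches tf.io.decode_gif's [frames, height, width, 3] output;
    the real allocation scales further with the number of frames.
    """
    width, height = gif_logical_screen(data)
    return width * height * channels


def gif_within_limit(data: bytes, limit: int = MAX_DECODED_BYTES) -> bool:
    """True when the declared canvas fits the budget.

    Malformed or truncated headers are rejected as well, so the caller never
    forwards an unparseable blob to the decoder.
    """
    try:
        return estimated_decoded_bytes(data) <= limit
    except ValueError:
        return False


if __name__ == "__main__":
    for name, blob in (("small", SMALL_GIF_HEADER), ("oversized", OVERSIZED_GIF_HEADER)):
        verdict = "accept" if gif_within_limit(blob) else "reject"
        print(f"{name}: {gif_logical_screen(blob)} -> {verdict}")
```

Place the check in front of tf.io.decode_gif (or decode_image) on any untrusted path; it bounds the declared canvas per frame, not the total across frames, so it is a mitigation for callers rather than a replacement for a limit inside DecodeGifV2.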

Files

  • poc_exploit.py — generates the malicious GIF and triggers the OOM
  • vulnerability_report.md — full technical report

Quick Reproduction

pip install tensorflow
python3 poc_exploit.py

Researcher

Rodion Khoroshev (Rodion111)
Reported: 2026-04-09
