CVE-2021-29517 log

Severity Low
Remote No
Type Denial of service
A security issue has been found in TensorFlow before version 2.4.2. A malicious user could trigger a division by 0 in `Conv3D` implementation. The implementation( does a modulo operation based on user controlled input. Thus, when `filter` has a 0 as the fifth element, this results in a division by 0. Additionally, if the shape of the two tensors is not valid, an Eigen assertion can be triggered, resulting in a program crash.
Group Package Affected Fixed Severity Status Ticket
AVG-1962 tensorflow 2.4.1-10 2.5.0-1 Critical Fixed