---

CVE-2021-29523 - log back

CVE-2021-29523 edited at 14 May 2021 21:42:57
Type	- Unknown + Denial of service

CVE-2021-29523 edited at 14 May 2021 21:30:16
Severity	- Unknown + Low
Remote	- Unknown + Local
Description	+ A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.AddManySparseToTensorsMap`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/kernels/sparse_tensors_map_ops.cc#L257) takes the values specified in `sparse_shape` as dimensions for the output shape. The `TensorShape` constructor(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L183-L188) uses a `CHECK` operation which triggers when `InitDims`(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L212-L296) returns a non-OK status. This is a legacy implementation of the constructor and operations should use `BuildTensorShapeBase` or `AddDimWithStatus` to prevent `CHECK`-failures in the presence of overflows.
References	+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2cpx-427x-q2c6 + https://github.com/tensorflow/tensorflow/commit/69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c

CVE-2021-29523 created at 14 May 2021 20:37:16
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes