CVE-2021-29525 log
| Source |
|
| Severity | Low |
| Remote | No |
| Type | Denial of service |
| Description | A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropInput`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/b40060c9f697b044e3107917c797ba052f4506ab/tensorflow/core/kernels/conv_grad_input_ops.h#L625-L655) does a division by a quantity that is controlled by the caller. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1962 | tensorflow | 2.4.1-10 | 2.5.0-1 | Critical | Fixed |
| References |
|---|
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xm2v-8rrw-w9pm https://github.com/tensorflow/tensorflow/commit/2be2cdf3a123e231b16f766aa0e27d56b4606535 |