---

CVE-2021-29534 - log back

CVE-2021-29534 edited at 14 May 2021 21:44:59
Type	- Unknown + Denial of service

CVE-2021-29534 edited at 14 May 2021 21:30:33
Severity	- Unknown + Low
Remote	- Unknown + Local
Description	+ A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.SparseConcat`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/b432a38fe0e1b4b904a6c222cbce794c39703e87/tensorflow/core/kernels/sparse_concat_op.cc#L76) takes the values specified in `shapes[0]` as dimensions for the output shape. The `TensorShape` constructor(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L183-L188) uses a `CHECK` operation which triggers when `InitDims`(https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L212-L296) returns a non-OK status. This is a legacy implementation of the constructor and operations should use `BuildTensorShapeBase` or `AddDimWithStatus` to prevent `CHECK`-failures in the presence of overflows.
References	+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6j9c-grc6-5m6g + https://github.com/tensorflow/tensorflow/commit/69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c

CVE-2021-29534 created at 14 May 2021 20:37:16
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes