---

CVE-2021-29565 - log back

CVE-2021-29565 edited at 14 May 2021 21:49:41
Type	- Unknown + Denial of service

CVE-2021-29565 edited at 14 May 2021 21:31:18
Severity	- Unknown + Low
Remote	- Unknown + Local
Description	+ A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.SparseFillEmptyRows`. This is because of missing validation(https://github.com/tensorflow/tensorflow/blob/fdc82089d206e281c628a93771336bf87863d5e8/tensorflow/core/kernels/sparse_fill_empty_rows_op.cc#L230-L231) that was covered under a `TODO`. If the `dense_shape` tensor is empty, then `dense_shape_t.vec<>()` would cause a null pointer dereference in the implementation of the op.
References	+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r6pg-pjwc-j585 + https://github.com/tensorflow/tensorflow/commit/faa76f39014ed3b5e2c158593b1335522e573c7f

CVE-2021-29565 created at 14 May 2021 20:37:16
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes