---

CVE-2021-29572 - log back

CVE-2021-29572 edited at 14 May 2021 21:51:17
Type	- Unknown + Denial of service

CVE-2021-29572 edited at 14 May 2021 21:31:28
Severity	- Unknown + Low
Remote	- Unknown + Local
Description	+ A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementation(https://github.com/tensorflow/tensorflow/blob/60a45c8b6192a4699f2e2709a2645a751d435cc3/tensorflow/core/kernels/sdca_internal.cc) does not validate that the user supplied arguments satisfy all constraints expected by the op(https://www.tensorflow.org/api_docs/python/tf/raw_ops/SdcaOptimizer).
References	+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5gqf-456p-4836 + https://github.com/tensorflow/tensorflow/commit/f7cc8755ac6683131fdfa7a8a121f9d7a9dec6fb

CVE-2021-29572 created at 14 May 2021 20:37:16
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes