CVE-2021-29585 - log back

CVE-2021-29585 edited at 14 May 2021 21:53:13
Type
- Unknown
+ Insufficient validation
CVE-2021-29585 edited at 14 May 2021 21:31:47
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Description
+ A security issue has been found in TensorFlow before version 2.4.2. The TFLite computation for size of output after padding, `ComputeOutSize`(https://github.com/tensorflow/tensorflow/blob/0c9692ae7b1671c983569e5d3de5565843d500cf/tensorflow/lite/kernels/padding.h#L43-L55), does not check that the `stride` argument is not 0 before doing the division. Users can craft special models such that `ComputeOutSize` is called with `stride` set to 0.
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv78-g7wq-mhp4
+ https://github.com/tensorflow/tensorflow/commit/49847ae69a4e1a97ae7f2db5e217c77721e37948
CVE-2021-29585 created at 14 May 2021 20:37:16
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes