CVE-2021-29608 - log back

CVE-2021-29608 edited at 14 May 2021 21:36:26
Severity
- Low
+ Medium
Type
- Unknown
+ Arbitrary code execution
CVE-2021-29608 edited at 14 May 2021 21:32:20
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Description
+ A security issue has been found in TensorFlow before version 2.4.2. Due to lack of validation in `tf.raw_ops.RaggedTensorToTensor`, an attacker can exploit an undefined behavior if input arguments are empty. The implementation(https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L356-L360) only checks that one of the tensors is not empty, but does not check for the other ones. There are multiple `DCHECK` validations to prevent heap OOB, but these are no-op in release builds, hence they don't prevent anything.
References
+ https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rgvq-pcvf-hx75
+ https://github.com/tensorflow/tensorflow/commit/f94ef358bb3e91d517446454edff6535bcfe8e4a
+ https://github.com/tensorflow/tensorflow/commit/c4d7afb6a5986b04505aca4466ae1951686c80f6
+ https://github.com/tensorflow/tensorflow/commit/b761c9b652af2107cfbc33efd19be0ce41daa33e
CVE-2021-29608 created at 14 May 2021 20:37:16
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes