CVE-2021-41195

Severity: Medium
Remote: No
Type: Denial of service
In TensorFlow before version 2.6.1, the implementation of tf.math.segment_* operations results in a CHECK-fail related abort (and denial of service) if a segment id in segment_ids is large. This is similar to CVE-2021-29584 (and similar other reported vulnerabilities in TensorFlow, localized to specific APIs): the implementation (both on CPU and GPU) computes the output shape using AddDim. However, if the number of elements in the tensor overflows an int64_t value, AddDim results in a CHECK failure which provokes a std::abort. Instead, code should use AddDimWithStatus.
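The difference between an aborting and a status-returning shape builder, as an added example (not TensorFlow's code). ToyShape and SegmentOutputShape are hypothetical stand-ins, and the output-shape rule used here (last segment id + 1 rows, followed by the trailing data dimensions) is an assumption made for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>
#include <string>
#include <vector>

// Toy stand-in for a tensor shape (an assumption, not TensorFlow's TensorShape).
class ToyShape {
 public:
  // Returns "" on success, or an error message instead of aborting when the
  // running element count would no longer fit in int64_t.
  std::string AddDimWithStatus(int64_t size) {
    if (size < 0) return "negative dimension";
    if (size != 0 &&
        num_elements_ > std::numeric_limits<int64_t>::max() / size)
      return "number of elements overflows int64_t";
    dims_.push_back(size);
    num_elements_ *= size;
    return "";
  }
  int64_t num_elements() const { return num_elements_; }

 private:
  std::vector<int64_t> dims_;
  int64_t num_elements_ = 1;
};

// Hypothetical helper: output shape of a segment reduction is
// [last_segment_id + 1, data_dims[1], data_dims[2], ...].
std::string SegmentOutputShape(int64_t last_segment_id,
                               const std::vector<int64_t>& data_dims,
                               ToyShape* out) {
  if (last_segment_id < 0) return "negative segment id";
  if (last_segment_id == std::numeric_limits<int64_t>::max())
    return "segment id + 1 overflows int64_t";
  std::string err = out->AddDimWithStatus(last_segment_id + 1);
  for (size_t i = 1; err.empty() && i < data_dims.size(); ++i)
    err = out->AddDimWithStatus(data_dims[i]);
  return err;
}

int main() {
  ToyShape ok, bad;
  std::printf("small id: '%s'\n", SegmentOutputShape(3, {5, 4}, &ok).c_str());
  // Constructed input: a huge segment id is rejected with an error, no abort.
  std::printf("huge id:  '%s'\n",
              SegmentOutputShape(int64_t{1} << 62, {5, 4}, &bad).c_str());
  return 0;
}
```

The caller can turn the returned message into an invalid-argument error for the request, so one malformed input does not terminate the whole process.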
Group     Package     Affected  Fixed    Severity  Status  Ticket
AVG-2529  tensorflow  2.6.0-6   2.6.1-1  High      Fixed