CVE-2021-41196 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Denial of service
Description	In TensorFlow before version 2.6.1, the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due to the TensorFlow's implementation of pooling operations where the values in the sliding window are not checked to be strictly positive.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2529	tensorflow	2.6.0-6	2.6.1-1	High	Fixed

References
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8 https://github.com/tensorflow/tensorflow/issues/51936 https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b

References

https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8
https://github.com/tensorflow/tensorflow/issues/51936
https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b