Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-41215 - log back

CVE-2021-41215 created at 06 Nov 2021 00:15:16

Severity

+

Medium

Remote

+

Local

Type

+	Incorrect calculation

Description

+	In TensorFlow before version 2.6.1, the shape inference code for DeserializeSparse can trigger a null pointer dereference. This is because the shape inference function assumes that the serialize_sparse tensor is a tensor with positive rank (and having 3 as the last dimension).

References

+	https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r
+	https://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850

Notes