Lucene search
GoogleOSV:CVE-2021-29599HistoryMay 14, 2021 - 8:15 p.m.
CVE-2021-29599
2021-05-1420:15:15
Google
osv.dev
1
0.0005 Low
EPSS
Percentile
17.8%
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the Split TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/e2752089ef7ce9bcf3db0ec618ebd23ea119d0c7/tensorflow/lite/kernels/split.cc#L63-L65). An attacker can craft a model such that num_splits would be 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
Related
veracode
veracode
Denial Of Service (DoS)
2021-05-17 11:08:53
osv
osv
PYSEC-2021-725
2021-05-14 20:15:00
Division by zero in TFLite's implementation of Split
2021-05-21 14:28:01
BIT-tensorflow-2021-29599
2024-03-06 11:18:20
prion
prion
Design/Logic Flaw
2021-05-14 20:15:00
cvelist
cvelist
CVE-2021-29599 Division by zero in TFLite's implementation of `Split`
2021-05-14 19:21:43
cve
cve
CVE-2021-29599
2021-05-14 20:15:15
nvd
nvd
CVE-2021-29599
2021-05-14 20:15:15
github
github
Division by zero in TFLite's implementation of Split
2021-05-21 14:28:01
ibm
ibm