Lucene search
PRIOn knowledge basePRION:CVE-2021-29563HistoryMay 14, 2021 - 8:15 p.m.
Code injection
2021-05-1420:15:00
PRIOn knowledge base
www.prio-n.com
4
0.0004 Low
EPSS
Percentile
12.8%
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.raw_ops.RFFT. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tensorflow | ge | 2.4.0 | |
| tensorflow | lt | 2.4.2 | |
| tensorflow | ge | 2.3.0 | |
| tensorflow | lt | 2.3.3 | |
| tensorflow | ge | 2.2.0 | |
| tensorflow | lt | 2.2.3 | |
| tensorflow | lt | 2.1.4 |
Related
osv
osv
PYSEC-2021-689
2021-05-14 20:15:00
PYSEC-2021-200
2021-05-14 20:15:00
CHECK-fail in `tf.raw_ops.RFFT`
2021-05-21 14:25:05
cve
cve
CVE-2021-29563
2021-05-14 20:15:13
cvelist
cvelist
CVE-2021-29563 CHECK-fail in `tf.raw_ops.RFFT`
2021-05-14 19:17:07
github
github
CHECK-fail in `tf.raw_ops.RFFT`
2021-05-21 14:25:05
nvd
nvd
CVE-2021-29563
2021-05-14 20:15:13
ibm
ibm