Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-37674  

In TensorFlow before version 2.6.0 an attacker can trigger a denial of service via a segmentation fault in tf.raw_ops.MaxPoolGrad caused by missing validation. The implementation misses some validation for the orig_input and orig_output tensors. The fixes for CVE-2021-29579 were incomplete.

Source
Severity Medium

Remote No

Type Denial of service

Description 

In TensorFlow before version 2.6.0 an attacker can trigger a denial of service via a segmentation fault in tf.raw_ops.MaxPoolGrad caused by missing validation. The implementation misses some validation for the orig_input and orig_output tensors. The fixes for CVE-2021-29579 were incomplete.

AVG-2292 tensorflow 2.5.0-6 2.5.1-1 Critical Fixed 

https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7ghq-fvr3-pj2x
https://github.com/tensorflow/tensorflow/commit/136b51f10903e044308cf77117c0ed9871350475

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started