How severe is CVE-2021-29521?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2021-29521?

This is classified as CWE-131, which is a common weakness in software security.

CVE-2021-29521

MEDIUM Year: 2021

CVSS v3 Score

5.5

Medium

CVSS v2 Score

2.1

Low

Weakness Type

CWE-131

View all →

Vulnerability Description

TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from the standard library as `std::vector` invariants are broken. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/8f7b60ee8c0206a2c99802e3a4d1bb55d2bc0624/tensorflow/core/kernels/count_ops.cc#L199-L213) assumes the first element of the dense shape is always positive and uses it to initialize a `BatchedMap<T>` (i.e., `std::vector<absl::flat_hash_map<int64,T>>`(https://github.com/tensorflow/tensorflow/blob/8f7b60ee8c0206a2c99802e3a4d1bb55d2bc0624/tensorflow/core/kernels/count_ops.cc#L27)) data structure. If the `shape` tensor has more than one element, `num_batches` is the first value in `shape`. Ensuring that the `dense_shape` argument is a valid tensor shape (that is, all elements are non-negative) solves this issue. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 and TensorFlow 2.3.3.

CVE-2017-14934

MEDIUM

CVSS:5.5(Medium)

process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a ...

CWE-1312017

CVE-2019-5696

MEDIUM

CVSS:5.5(Medium)

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of s...

CWE-1312019

CVE-2020-14385

MEDIUM

CVSS:5.5(Medium)

A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt....

CWE-1312020

CVE-2021-29542

MEDIUM

CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to `tf.raw_ops.StringNGrams`. This is because the implemen...

CWE-1312021

CVE-2021-29545

MEDIUM

CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in converting sparse tensors to CSR Sparse matrices. This is becau...

CWE-1312021

CVE-2021-4155

MEDIUM

CVSS:5.5(Medium)

A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS f...

CWE-1312021

CVE-2021-29521

Vulnerability Description

Related Vulnerabilities

CVE-2017-14934

CVE-2019-5696

CVE-2020-14385

CVE-2021-29542

CVE-2021-29545

CVE-2021-4155