CVE-2021-41196Integer Underflow (Wrap or Wraparound) in Tensorflow

CWE-191Integer Underflow (Wrap or Wraparound)6 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 85.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
TensorflowGoogle TensorflowIntel Optimization FOR Tensorflow
Timeline
PublishedNov 5
Latest updateNov 10

Description

TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due to the TensorFlow's implementation of pooling operations where the values in the sliding window are not checked to be strictly positive. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also a

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDgoogle/tensorflow2.5.02.5.2+2
CVEListV5tensorflow/tensorflow< 2.4.4+2
PyPIintel/optimization_for_tensorflow2.6.02.6.1+4

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

4
GHSA
Crash in `max_pool3d` when size argument is 0 or negative2021-11-10
OSV
Crash in `max_pool3d` when size argument is 0 or negative2021-11-10
CVEList
Crash in `max_pool3d` when size argument is 0 or negative2021-11-05
OSV
CVE-2021-41196: TensorFlow is an open source platform for machine learning2021-11-05

📋Vendor Advisories

1
Debian
CVE-2021-41196: tensorflow - TensorFlow is an open source platform for machine learning. In affected versions...2021
CVE-2021-41196 — Integer Underflow (Wrap or Wraparound) | cvebase