PT-2021-23172 · Google · Tensorflow
Mihaimaruseac
·
Published
2021-11-05
·
Updated
2024-03-06
·
CVE-2021-41200
CVSS v4.0
6.8
Medium
| Vector | AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
TensorFlow versions prior to 2.7.0
TensorFlow versions 2.6.1 and earlier
TensorFlow versions 2.5.2 and earlier
TensorFlow versions 2.4.4 and earlier
Description
In affected versions, if
tf.summary.create file writer is called with non-scalar arguments, the code crashes due to a CHECK-fail. The issue is related to the tf.summary.create file writer function, which is used for creating a summary file writer. When this function is called with non-scalar arguments, it causes the code to crash.Recommendations
For versions prior to 2.7.0, update to TensorFlow 2.7.0 or later to resolve the issue.
For versions 2.6.1 and earlier, update to TensorFlow 2.6.1 or later to resolve the issue.
For versions 2.5.2 and earlier, update to TensorFlow 2.5.2 or later to resolve the issue.
For versions 2.4.4 and earlier, update to TensorFlow 2.4.4 or later to resolve the issue.
As a temporary workaround, consider avoiding the use of non-scalar arguments with the
tf.summary.create file writer function until a patch is available.Exploit
Fix
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tensorflow