CVE-2021-29575: Buffer Overflow
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.raw_ops.ReverseSequence allows for stack overflow and/or CHECK-fail based denial of service. The implementation fails to validate that seq_dim and batch_dim arguments are valid. Negative values for seq_dim can result in stack overflow or CHECK-failure, depending on the version of Eigen code used to implement the operation. Similar behavior can be exhibited by invalid values of batch_dim.
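A caller-side guard for the missing validation described above, as an added example that is not TensorFlow's own code or its fix: check_reverse_sequence_args is a hypothetical helper that rejects out-of-range seq_dim and batch_dim before the op is invoked. The seq_lengths and seq_dim != batch_dim checks go beyond the advisory and follow the op's documented constraints; a fully defined input shape is assumed.

```python
# Added example: argument guard to run before tf.raw_ops.ReverseSequence.
# Pure Python over the shape tuple, so it runs without TensorFlow installed.
# Assumption: input_shape is fully defined (no None dimensions).

def check_reverse_sequence_args(input_shape, seq_lengths, seq_dim, batch_dim=0):
    """Raise ValueError unless the arguments are in range for ReverseSequence.

    input_shape -- tuple/list of ints, e.g. tensor.shape.as_list()
    seq_lengths -- iterable of ints, one per batch entry
    Returns (seq_dim, batch_dim) unchanged on success.
    """
    rank = len(input_shape)

    for name, dim in (("seq_dim", seq_dim), ("batch_dim", batch_dim)):
        # bool is a subclass of int in Python; reject it explicitly.
        if isinstance(dim, bool) or not isinstance(dim, int):
            raise ValueError(f"{name} must be an int, got {type(dim).__name__}")
        # The check the advisory says was missing: negative values must
        # never reach the kernel. They are NOT treated as Python-style
        # "count from the end" indices here.
        if dim < 0 or dim >= rank:
            raise ValueError(f"{name}={dim} is outside [0, {rank})")

    if seq_dim == batch_dim:
        raise ValueError(f"seq_dim and batch_dim must differ, both are {seq_dim}")

    # Documented constraints on seq_lengths (beyond the advisory's scope).
    lengths = list(seq_lengths)
    if len(lengths) != input_shape[batch_dim]:
        raise ValueError(
            f"len(seq_lengths)={len(lengths)} does not match "
            f"input_shape[{batch_dim}]={input_shape[batch_dim]}"
        )
    for i, n in enumerate(lengths):
        if n < 0 or n > input_shape[seq_dim]:
            raise ValueError(
                f"seq_lengths[{i}]={n} is outside [0, {input_shape[seq_dim]}]"
            )

    return seq_dim, batch_dim
```

Call the guard on untrusted or computed dimension arguments and pass its return value to the op only if no exception was raised.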