CVE-2021-41206: Improper Validation of Integrity Check Value
(updated )
TensorFlow is an open source platform for machine learning.Depending on the API, this can result in undefined behavior and segfault or CHECK
-fail related crashes but in some scenarios writes and reads from heap populated arrays are also possible. We have discovered these issues internally via tooling while working on improving/testing GPU op determinism. As such, we don’t have reproducers and there will be multiple fixes for these issues.
References
Detect and mitigate CVE-2021-41206 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →