{"containers":{"cna":{"title":"CHECK-fail in `QuantizeAndDequantizeV4Grad`","problemTypes":[{"descriptions":[{"cweId":"CWE-754","lang":"en","description":"CWE-754: Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"LOW","baseScore":2.5,"baseSeverity":"LOW","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L","version":"3.1"}}],"references":[{"name":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6g85-3hm8-83f9","tags":["x_refsource_CONFIRM"],"url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6g85-3hm8-83f9"},{"name":"https://github.com/tensorflow/tensorflow/commit/20431e9044cf2ad3c0323c34888b192f3289af6b","tags":["x_refsource_MISC"],"url":"https://github.com/tensorflow/tensorflow/commit/20431e9044cf2ad3c0323c34888b192f3289af6b"},{"name":"https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163","tags":["x_refsource_MISC"],"url":"https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163"},{"name":"https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306","tags":["x_refsource_MISC"],"url":"https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306"}],"affected":[{"vendor":"tensorflow","product":"tensorflow","versions":[{"version":">= 2.4.0, < 
2.4.2","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2024-10-31T20:41:21.258Z"},"descriptions":[{"lang":"en","value":"TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.QuantizeAndDequantizeV4Grad`. This is because the implementation does not validate the rank of the `input_*` tensors. In turn, this results in the tensors being passed as they are to `QuantizeAndDequantizePerChannelGradientImpl`. However, the `vec<T>` method requires the rank to be 1 and triggers a `CHECK` failure otherwise. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 as this is the only other affected version."}],"source":{"advisory":"GHSA-6g85-3hm8-83f9","discovery":"UNKNOWN"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T22:11:05.634Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6g85-3hm8-83f9"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/tensorflow/tensorflow/commit/20431e9044cf2ad3c0323c34888b192f3289af6b"}]}]},"cveMetadata":{"assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","assignerShortName":"GitHub_M","cveId":"CVE-2021-29544","datePublished":"2021-05-14T19:11:06.000Z","dateReserved":"2021-03-30T00:00:00.000Z","dateUpdated":"2024-10-31T20:41:21.258Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}