Skip to content

[Tensorflow] Fix potential vulnerable cloned function#1016

Open
npt-1707 wants to merge 1 commit into
DeepRec-AI:mainfrom
npt-1707:fix_CVE-2021-29524
Open

[Tensorflow] Fix potential vulnerable cloned function#1016
npt-1707 wants to merge 1 commit into
DeepRec-AI:mainfrom
npt-1707:fix_CVE-2021-29524

Conversation

@npt-1707

@npt-1707 npt-1707 commented May 8, 2025

Copy link
Copy Markdown

Hi again,

I identified another potential vulnerability in a clone function ConvBackpropComputeDimensionsV2() in tensorflow/lite/kernels/quantize_op.cc sourced from tensorflow/tensorflow. This issue, originally reported in CVE-2021-29524, was resolved in the repository via this commit tensorflow/tensorflow@fca9874.

This PR applies the corresponding patch to fix the vulnerabilities in this codebase.

Additionally, I suggest updating this tensorflow component to avoid unexpected vulnerabilities.

Please review at your convenience. Thank you!

Signed-off-by: npt-1707 <npthanh132@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant