Vulnerability Details : CVE-2021-41213

TensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutually recursive. This occurs due to using a non-reentrant `Lock` Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive `tf.function`, although this is not a frequent scenario. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.

Vulnerability category: Denial of service

Published 2021-11-05 23:15:08

Updated 2022-10-20 21:25:48

Source GitHub, Inc.

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2021-41213

Probability of exploitation activity in the next 30 days: 0.05%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 18 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2021-41213

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:N/A:P	8.6	2.9	nvd@nist.gov
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H	1.8	3.6	nvd@nist.gov
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: None Integrity: None Availability: High
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	security-advisories@github.com
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2021-41213

CWE-662 Improper Synchronization

The product utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes.

Assigned by: nvd@nist.gov (Primary)
CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

Assigned by: security-advisories@github.com (Secondary)

References for CVE-2021-41213

https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf

Deadlock in mutually recursive `tf.function` objects · Advisory · tensorflow/tensorflow · GitHub
Third Party Advisory
https://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7

Fix the deadlock issue of recursive tf.function. · tensorflow/tensorflow@afac815 · GitHub
Patch;Third Party Advisory

Products affected by CVE-2021-41213

Google » Tensorflow
Versions from including (>=) 2.5.0 and before (<) 2.5.2
cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
Matching versions
Google » Tensorflow
Versions from including (>=) 2.4.0 and before (<) 2.4.4
cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
Matching versions
Google » Tensorflow
Versions from including (>=) 2.6.0 and before (<) 2.6.1
cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
Matching versions
Google » Tensorflow » Version: 2.7.0 Update RC0
cpe:2.3:a:google:tensorflow:2.7.0:rc0:*:*:*:*:*:*
Matching versions
Google » Tensorflow » Version: 2.7.0 Update RC1
cpe:2.3:a:google:tensorflow:2.7.0:rc1:*:*:*:*:*:*
Matching versions