CVE-2021-29607 : TensorFlow is an end-to-end open source platform for machine learning. Incomplet

TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as well as write outside of bounds of heap allocated data. The implementation(https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/sparse_sparse_binary_op_shared.cc) has a large set of validation for the two sparse tensor inputs (6 tensors in total), but does not validate that the tensors are not empty or that the second dimension of `*_indices` matches the size of corresponding `*_shape`. This allows attackers to send tensor triples that represent invalid sparse tensors to abuse code assumptions that are not protected by validation. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

Published 2021-05-14 20:15:16

Updated 2021-05-18 15:08:11

Source GitHub, Inc.

View at NVD, CVE.org

Products affected by CVE-2021-29607

Google » Tensorflow
Versions from including (>=) 2.3.0 and before (<) 2.3.3
cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
Matching versions
Google » Tensorflow
Versions before (<) 2.1.4
cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
Matching versions
Google » Tensorflow
Versions from including (>=) 2.2.0 and before (<) 2.2.3
cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
Matching versions
Google » Tensorflow
Versions from including (>=) 2.4.0 and before (<) 2.4.2
cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-29607

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 12 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-29607

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
5.3	MEDIUM	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H	1.0	4.2	GitHub, Inc.
Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: Low Availability: High

CWE ids for CVE-2021-29607

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

Assigned by: security-advisories@github.com (Primary)

References for CVE-2021-29607

https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gv26-jpj9-c8gq

Incomplete validation in `SparseSparseMinimum` · Advisory · tensorflow/tensorflow · GitHub
Exploit;Patch;Third Party Advisory
https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2

Fix OOB issue with `tf.raw_ops.SparseSparseMinimum`. · tensorflow/tensorflow@ba6822b · GitHub
Patch;Third Party Advisory

CVEs referencing this url
https://github.com/tensorflow/tensorflow/commit/f6fde895ef9c77d848061c0517f19d0ec2682f3a

Validate that a and b are proper sparse tensors · tensorflow/tensorflow@f6fde89 · GitHub
Patch;Third Party Advisory

Jump to

Vulnerability Details : CVE-2021-29607

Products affected by CVE-2021-29607

Exploit prediction scoring system (EPSS) score for CVE-2021-29607

CVSS scores for CVE-2021-29607

CWE ids for CVE-2021-29607

References for CVE-2021-29607