CVE-2021-29609
Incomplete validation in `SparseAdd`
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined behavior (dereferencing null pointers) as well as write outside of bounds of heap allocated data. The implementation(https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/sparse_add_op.cc) has a large set of validation for the two sparse tensor inputs (6 tensors in total), but does not validate that the tensors are not empty or that the second dimension of `*_indices` matches the size of corresponding `*_shape`. This allows attackers to send tensor triples that represent invalid sparse tensors to abuse code assumptions that are not protected by validation. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
TensorFlow es una plataforma de código abierto de extremo a extremo para el aprendizaje automático. Una comprobación incompleta en "SparseAdd" resulta en que los atacantes puedan explotar el comportamiento indefinido (desreferenciar punteros nulls), así como escribir fuera de límites de los datos asignados a la pila. La implementación (https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/sparse_add_op.cc) presenta un gran conjunto de comprobación para las dos entradas de tensor dispersas (6 tensores en total), pero no comprobar que los tensores no estén vacíos o que la segunda dimensión de "*_indices" coincida con el tamaño de "*_shape" correspondiente. Esto permite a los atacantes enviar triples de tensor que representan tensores dispersos no comprobados para abusar de supuestos de código que no están protegidos por comprobación. La corrección será incluída en TensorFlow versión 2.5.0. También seleccionaremos este commits en TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 y TensorFlow 2.1.4, ya que también están afectadas y aún se encuentran en el rango compatible
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-03-30 CVE Reserved
- 2021-05-14 CVE Published
- 2023-08-06 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
- CWE-665: Improper Initialization
- CWE-787: Out-of-bounds Write
CAPEC
References (3)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cjc7-49v2-jp64 | 2024-08-03 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | < 2.1.4 Search vendor "Google" for product "Tensorflow" and version " < 2.1.4" | - |
Affected
| ||||||
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | >= 2.2.0 < 2.2.3 Search vendor "Google" for product "Tensorflow" and version " >= 2.2.0 < 2.2.3" | - |
Affected
| ||||||
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | >= 2.3.0 < 2.3.3 Search vendor "Google" for product "Tensorflow" and version " >= 2.3.0 < 2.3.3" | - |
Affected
| ||||||
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | >= 2.4.0 < 2.4.2 Search vendor "Google" for product "Tensorflow" and version " >= 2.4.0 < 2.4.2" | - |
Affected
| ||||||