Vulnerabilities > CVE-2021-37650 - Out-of-bounds Write vulnerability in Google Tensorflow

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

google

CWE-787

NVD

Published: 2021-08-12

Updated: 2021-08-18

Summary

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.ExperimentalDatasetToTFRecord` and `tf.raw_ops.DatasetToTFRecord` can trigger heap buffer overflow and segmentation fault. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/data/experimental/to_tf_record_op.cc#L93-L102) assumes that all records in the dataset are of string type. However, there is no check for that, and the example given above uses numeric types. We have patched the issue in GitHub commit e0b6e58c328059829c3eb968136f17aa72b6c876. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Vulnerable Configurations

Part	Description	Count
Application	Google Google Tensorflow 2.3.0 Google Tensorflow 2.3.1 Google Tensorflow 2.3.2 Google Tensorflow 2.4.0 Google Tensorflow 2.4.1 Google Tensorflow 2.4.2 Google Tensorflow 2.5.0 Google Tensorflow 2.6.0	38

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References