Vulnerabilities > CVE-2021-37656 - Access of Uninitialized Pointer vulnerability in Google Tensorflow

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

google

CWE-824

NVD

Published: 2021-08-12

Updated: 2021-08-18

Summary

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToSparse`. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/ragged_tensor_to_sparse_kernel.cc#L30) has an incomplete validation of the splits values: it does not check that they are in increasing order. We have patched the issue in GitHub commit 1071f554dbd09f7e101324d366eec5f4fe5a3ece. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Vulnerable Configurations

Part	Description	Count
Application	Google Google Tensorflow 2.3.0 Google Tensorflow 2.3.1 Google Tensorflow 2.3.2 Google Tensorflow 2.4.0 Google Tensorflow 2.4.1 Google Tensorflow 2.4.2 Google Tensorflow 2.5.0 Google Tensorflow 2.6.0	38

Common Weakness Enumeration (CWE)

CWE-824 - Access of Uninitialized Pointer

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References