CVE-2021-29523

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4

Description: An attacker can trigger a denial of service via a CHECK-fail in tf.raw ops.AddManySparseToTensorsMap. This occurs because the implementation takes the values specified in sparse shape as dimensions for the output shape. The TensorShape constructor uses a CHECK operation which triggers when InitDims returns a non-OK status. This happens when adding a dimension from the argument results in overflow. The issue is due to a legacy implementation of the constructor and can be prevented by using BuildTensorShapeBase or AddDimWithStatus to handle overflows.

Recommendations: For TensorFlow versions prior to 2.5.0, update to version 2.5.0 or later. For TensorFlow version 2.4.2, apply the patch from GitHub commit 69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c. For TensorFlow version 2.3.3, apply the patch from GitHub commit 69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c. For TensorFlow version 2.2.3, apply the patch from GitHub commit 69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c. For TensorFlow version 2.1.4, apply the patch from GitHub commit 69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c. As a temporary workaround, consider avoiding the use of tf.raw ops.AddManySparseToTensorsMap with large sparse shape values until a patch is applied.