CVE-2021-29529

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow versions 2.1.4 through 2.4.2

Description: An attacker can trigger a heap buffer overflow in tf.raw ops.QuantizedResizeBilinear by manipulating input values so that float rounding results in off-by-one error in accessing image elements. This occurs because the implementation computes two integers (representing the upper and lower bounds for interpolation) by ceiling and flooring a floating point value. For some values of in, interpolation->upper[i] might be smaller than interpolation->lower[i], which is an issue if interpolation->upper[i] is capped at in size-1 as it means that interpolation->lower[i] points outside of the image. Then, in the interpolation code, this would result in heap buffer overflow.

Recommendations: For versions prior to 2.5.0, update to TensorFlow 2.5.0 or later. For versions 2.1.4 through 2.4.2, update to the respective patched versions: 2.1.4, 2.2.3, 2.3.3, or 2.4.2. As a temporary workaround, consider restricting the use of the tf.raw ops.QuantizedResizeBilinear function until a patch is available.