CVE-2021-29547

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier

Description An attacker can cause a segfault and denial of service via accessing data outside of bounds in tf.raw ops.QuantizedBatchNormWithGlobalNormalization. This is because the implementation assumes the inputs are not empty. If any of these inputs is empty, .flat<T>() is an empty buffer, so accessing the element at index 0 is accessing data outside of bounds.

Recommendations For versions prior to 2.5.0, update to TensorFlow 2.5.0 or later. For versions 2.4.2 and earlier, update to TensorFlow 2.4.2 or later. For versions 2.3.3 and earlier, update to TensorFlow 2.3.3 or later. For versions 2.2.3 and earlier, update to TensorFlow 2.2.3 or later. For versions 2.1.4 and earlier, update to TensorFlow 2.1.4 or later. As a temporary workaround, consider avoiding the use of tf.raw ops.QuantizedBatchNormWithGlobalNormalization with empty inputs until a patch is available.