CVE-2021-29549

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.1 and earlier TensorFlow versions 2.3.2 and earlier TensorFlow versions 2.2.2 and earlier TensorFlow versions 2.1.3 and earlier

Description An attacker can cause a runtime division by zero error and denial of service in tf.raw ops.QuantizedBatchNormWithGlobalNormalization and tf.raw ops.QuantizedAdd. This is because the implementation computes a modulo operation without validating that the divisor is not zero. Since vector num elements is determined based on input shapes, a user can trigger scenarios where this quantity is 0.

Recommendations For TensorFlow versions prior to 2.5.0, update to TensorFlow 2.5.0 or later. For TensorFlow versions 2.4.1 and earlier, update to TensorFlow 2.4.2 or later. For TensorFlow versions 2.3.2 and earlier, update to TensorFlow 2.3.3 or later. For TensorFlow versions 2.2.2 and earlier, update to TensorFlow 2.2.3 or later. For TensorFlow versions 2.1.3 and earlier, update to TensorFlow 2.1.4 or later. As a temporary workaround, consider disabling the tf.raw ops.QuantizedBatchNormWithGlobalNormalization and tf.raw ops.QuantizedAdd functions until a patch is available. Restrict access to the vulnerable modules to minimize the risk of exploitation. Avoid using the vector num elements variable in the affected API endpoints until the issue is resolved.