CVE-2021-29606

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.5.0 TensorFlow versions 2.4.2 and earlier TensorFlow versions 2.3.3 and earlier TensorFlow versions 2.2.3 and earlier TensorFlow versions 2.1.4 and earlier

Description A specially crafted TFLite model could trigger an out-of-bounds read on the heap in the TFLite implementation of Split V. If the axis value is not a value between 0 and NumDimensions(input), then the SizeOfDimension function will access data outside the bounds of the tensor shape array.

Recommendations For versions prior to 2.5.0, update to TensorFlow 2.5.0 or later. For versions 2.4.2 and earlier, cherrypick the commit to the respective version. For versions 2.3.3 and earlier, cherrypick the commit to the respective version. For versions 2.2.3 and earlier, cherrypick the commit to the respective version. For versions 2.1.4 and earlier, cherrypick the commit to the respective version. As a temporary workaround, consider restricting the use of the Split V function until a patch is available.