CVE-2021-29612

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4

Description An attacker can trigger a heap buffer overflow in the Eigen implementation of tf.raw ops.BandedTriangularSolve. The implementation calls ValidateInputTensors for input validation but fails to validate that the two tensors are not empty. Furthermore, since the OP REQUIRES macro only stops execution of the current function after setting ctx->status() to a non-OK value, callers of helper functions that use OP REQUIRES must check the value of ctx->status() before continuing. This does not happen in the op's implementation, hence the validation that is present is also not effective.

Recommendations For versions prior to 2.5.0, update to TensorFlow 2.5.0 or later. For version 2.4.2, update to a patched version or apply the fix from GitHub commit ba6822bd7b7324ba201a28b2f278c29a98edbef2. For version 2.3.3, update to a patched version or apply the fix from GitHub commit ba6822bd7b7324ba201a28b2f278c29a98edbef2. For version 2.2.3, update to a patched version or apply the fix from GitHub commit ba6822bd7b7324ba201a28b2f278c29a98edbef2. For version 2.1.4, update to a patched version or apply the fix from GitHub commit ba6822bd7b7324ba201a28b2f278c29a98edbef2. As a temporary workaround, consider disabling the tf.raw ops.BandedTriangularSolve operation until a patch is available.