PT-2021-21753 · Google · Tensorflow

Mihaimaruseac

·

Published

2021-08-12

·

Updated

2024-03-06

·

CVE-2021-37638

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

TensorFlow versions prior to 2.6.0 (including 2.5.0, the 2.4.x releases before 2.4.3 and the 2.3.x releases before 2.3.4). The fix ships in TensorFlow 2.6.0 and was backported to the patch releases 2.5.1, 2.4.3 and 2.3.4.

Description

Passing an invalid value for the `row_partition_types` attribute of the `tf.raw_ops.RaggedTensorToTensor` API, specifically an empty list, results in a null pointer dereference and undefined behavior in the native kernel. The implementation reads the first element of the user-supplied list of partition types without first validating that the list is non-empty. Because `row_partition_types` is an op attribute, the malformed value can come from any code that builds the graph, including a model file or graph definition loaded from an untrusted source; the observable effect on an unpatched build is a crash of the process hosting the model.

Recommendations

Update to TensorFlow 2.6.0 or later. If you must stay on an older minor release, move to the patched release for that line (2.5.1, 2.4.3 or 2.3.4), each of which carries the fix from GitHub commit 301ae88b331d37a2a16159b65b255f4f9eb39314; on a build you compile yourself, apply that commit. Until you have upgraded, validate the `row_partition_types` list before passing it to `tf.raw_ops.RaggedTensorToTensor` (reject an empty list in particular, and check that the list length matches the number of `row_partition_tensors`), and do not load models or graph definitions from untrusted sources on an unpatched build.
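The workaround above, validating `row_partition_types` before the op ever sees it, as an added example in Python that is not part of this advisory or of TensorFlow's own code. It assumes the four partition type names the op documents for this attribute (`FIRST_DIM_SIZE`, `VALUE_ROWIDS`, `ROW_LENGTHS`, `ROW_SPLITS`) and the patched releases listed above; the helper names `is_patched`, `validate_row_partition_types`, `rejects_partition_types` and `ragged_to_tensor_checked` are the example's own, while `tf.raw_ops.RaggedTensorToTensor` and its keyword arguments are the real API.

```python
"""Added example: guard tf.raw_ops.RaggedTensorToTensor against the empty
row_partition_types attribute that triggers CVE-2021-37638 on unpatched
TensorFlow builds. Illustrative code, not TensorFlow's own; the rules below
follow the op's documented attribute and the helper names are assumptions."""
import re
from typing import Any, List, Sequence

# Partition type names the op documents for this attribute (assumption:
# the documented set for the TensorFlow 2.x releases this advisory covers).
VALID_PARTITION_TYPES = frozenset(
    {"FIRST_DIM_SIZE", "VALUE_ROWIDS", "ROW_LENGTHS", "ROW_SPLITS"}
)

# First patch level of each older minor line that carries the backported fix;
# 2.6.0 and later carry it unconditionally.
_BACKPORTED_PATCH_LEVEL = {(2, 5): 1, (2, 4): 3, (2, 3): 4}
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def is_patched(version: str) -> bool:
    """True if this TensorFlow version string includes the CVE-2021-37638 fix."""
    match = _VERSION_RE.match(version)
    if match is None:
        raise ValueError(f"unrecognised TensorFlow version: {version!r}")
    major, minor, patch = (int(part) for part in match.groups())
    if (major, minor) >= (2, 6):
        return True
    fixed_at = _BACKPORTED_PATCH_LEVEL.get((major, minor))
    return fixed_at is not None and patch >= fixed_at


def validate_row_partition_types(
    types: Sequence[str], num_partition_tensors: int
) -> List[str]:
    """Reject the attribute values the unpatched kernel does not check.

    The kernel reads the first element of the list unconditionally, so an
    empty list is the trigger for the null dereference; the remaining rules
    keep the list consistent with the row_partition_tensors it describes.
    """
    if isinstance(types, (str, bytes)):
        raise ValueError("row_partition_types must be a list of names, not one string")
    types = [str(t) for t in types]
    if not types:
        raise ValueError("row_partition_types must not be empty")
    unknown = [t for t in types if t not in VALID_PARTITION_TYPES]
    if unknown:
        raise ValueError(f"unknown row partition type(s): {unknown}")
    if "FIRST_DIM_SIZE" in types[1:]:
        raise ValueError("FIRST_DIM_SIZE is only valid as the first entry")
    if types[0] == "FIRST_DIM_SIZE" and (len(types) < 2 or types[1] != "VALUE_ROWIDS"):
        raise ValueError("FIRST_DIM_SIZE must be followed by VALUE_ROWIDS")
    if len(types) != num_partition_tensors:
        raise ValueError(
            f"{len(types)} partition types but {num_partition_tensors} partition tensors"
        )
    return types


def rejects_partition_types(types: Sequence[str], num_partition_tensors: int) -> bool:
    """Convenience predicate: does validation refuse this attribute value?"""
    try:
        validate_row_partition_types(types, num_partition_tensors)
    except ValueError:
        return True
    return False


def ragged_to_tensor_checked(shape, values, default_value,
                             row_partition_tensors: Sequence[Any],
                             row_partition_types: Sequence[str]):
    """Validate first, then call the raw op. TensorFlow is imported lazily so
    the validation helpers above stay usable without it installed."""
    checked = validate_row_partition_types(row_partition_types, len(row_partition_tensors))
    import tensorflow as tf  # assumption: TensorFlow 2.x with tf.raw_ops available
    if not is_patched(tf.__version__):
        # Safe to proceed because the attribute was validated, but flag the
        # build so it gets upgraded rather than relying on this wrapper.
        import warnings
        warnings.warn(f"TensorFlow {tf.__version__} lacks the CVE-2021-37638 fix")
    return tf.raw_ops.RaggedTensorToTensor(
        shape=shape, values=values, default_value=default_value,
        row_partition_tensors=list(row_partition_tensors),
        row_partition_types=checked,
    )


if __name__ == "__main__":
    # Constructed sample inputs: the attribute value the advisory describes,
    # then a well-formed one for a 2-D ragged tensor, then a version check.
    print(rejects_partition_types([], 0))                     # True
    print(validate_row_partition_types(["ROW_SPLITS"], 1))    # ['ROW_SPLITS']
    print(is_patched("2.5.0"), is_patched("2.5.1"))           # False True
```

`validate_row_partition_types` runs before TensorFlow is imported, so it can sit as a unit-testable gate in front of any code path that assembles the attribute from user or model input. The version check is a release gate only: it tells you whether the kernel itself would now refuse the empty list with an error instead of crashing, not whether the rest of your input handling is sound, so keep the attribute check in place on every build.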

Weakness Enumeration

NULL Pointer Dereference (CWE-476)

Related Identifiers

BIT-TENSORFLOW-2021-37638
CVE-2021-37638
GHSA-HWR7-8GXX-FJ5P
OPENSUSE-SU-2022:10014-1
OPENSUSE-SU-2024:12116-1
PYSEC-2021-260
PYSEC-2021-551
PYSEC-2021-749

Affected Products

Tensorflow