CVE-2021-37641

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier

Description In affected versions, if the arguments to tf.raw ops.RaggedGather don't determine a valid ragged tensor, code can trigger a read from outside of bounds of heap allocated buffers. The implementation directly reads the first dimension of a tensor shape before checking that said tensor has rank of at least 1. Furthermore, the implementation does not check that the list given by params nested splits is not an empty list of tensors.

Recommendations For versions prior to 2.6.0, update to TensorFlow 2.6.0 or later. For versions 2.5.1 and earlier, update to TensorFlow 2.5.1 or later. For versions 2.4.3 and earlier, update to TensorFlow 2.4.3 or later. For versions 2.3.4 and earlier, update to TensorFlow 2.3.4 or later. As a temporary workaround, consider disabling the tf.raw ops.RaggedGather function until a patch is available. Restrict access to the params nested splits parameter to minimize the risk of exploitation.