PT-2021-21760 · Google · Tensorflow

Published 2021-08-12 · Updated 2024-03-06 · CVE-2021-37645

CVSS v4.0: 5.7 (Medium)
Vector: AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions

TensorFlow versions prior to 2.6.0
TensorFlow version 2.5.1
TensorFlow version 2.4.3
Description

The implementation of tf.raw_ops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The issue arises when the axis value is used as the size argument to the absl::InlinedVector constructor, which uses an unsigned type for the argument, transforming negative values to large integers.
Recommendations

For TensorFlow versions prior to 2.6.0, update to version 2.6.0 or later to resolve the issue. For TensorFlow version 2.5.1, apply the patch from GitHub commit 96f364a1ca3009f98980021c4b32be5fdcca33a1. For TensorFlow version 2.4.3, apply the patch from GitHub commit 96f364a1ca3009f98980021c4b32be5fdcca33a1. As a temporary workaround, consider restricting the use of the tf.raw_ops.QuantizeAndDequantizeV4Grad function until a patch is available.
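The following is an added illustration of the signed-to-unsigned hazard described above and of the kind of bounds check that prevents it; it is not TensorFlow's code and not the referenced commit. It assumes a 64-bit size_t, uses std::vector as a stand-in for absl::InlinedVector, and the names axis_as_unsigned_size, axis_is_valid and checked_allocate are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>
#include <vector>

// Models the hazard in the description: a signed axis value reaches a
// constructor parameter of unsigned type (size_t here, standing in for
// absl::InlinedVector's size argument). The conversion is modular, so a
// negative axis such as -1 becomes SIZE_MAX and is then used as an
// allocation size. Hypothetical helper, not TensorFlow code.
size_t axis_as_unsigned_size(int64_t axis) {
    return static_cast<size_t>(axis);  // no sign check before conversion
}

// Defensive check (an assumption about the shape of a fix, not the
// upstream patch): an axis must name an existing dimension of the input,
// i.e. 0 <= axis < rank. Negative values are rejected here, before any
// size computation can see them.
bool axis_is_valid(int64_t axis, int64_t rank) {
    return axis >= 0 && axis < rank;
}

// Allocation sized from the axis value, guarded by the check above.
// Returns the number of elements allocated, or -1 when the axis is
// rejected so that no allocation takes place at all.
int64_t checked_allocate(int64_t axis, int64_t rank) {
    if (!axis_is_valid(axis, rank)) {
        return -1;
    }
    // Safe: axis is non-negative and bounded by rank, so the converted
    // size is small. std::vector stands in for absl::InlinedVector.
    std::vector<int> buf(static_cast<size_t>(axis));
    return static_cast<int64_t>(buf.size());
}

int main() {
    // Constructed inputs: a rank-4 tensor and a negative axis supplied by
    // an untrusted caller.
    const int64_t rank = 4;
    const int64_t axis = -1;
    std::printf("unsigned view of axis %lld: %zu\n",
                static_cast<long long>(axis), axis_as_unsigned_size(axis));
    std::printf("checked_allocate(%lld, %lld) = %lld\n",
                static_cast<long long>(axis), static_cast<long long>(rank),
                static_cast<long long>(checked_allocate(axis, rank)));
    return 0;
}
```

Validating the axis against the input rank before it is converted to an unsigned size is the point: once the value has become SIZE_MAX, an allocation guard based on the converted size can no longer tell a negative axis from a genuinely huge request.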

Fix


Weakness Enumeration

Related Identifiers

BIT-TENSORFLOW-2021-37645
CVE-2021-37645
GHSA-9W2P-5MGW-P94C
OPENSUSE-SU-2022:10014-1
OPENSUSE-SU-2024:12116-1
PYSEC-2021-267
PYSEC-2021-558
PYSEC-2021-756

Affected Products

Tensorflow