PT-2021-21761 · Google · Tensorflow

Published: 2021-08-12 · Updated: 2024-03-06 · CVE-2021-37646

CVSS v4.0: 6.8 (Medium)
Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions

TensorFlow versions prior to 2.6.0
TensorFlow versions 2.5.1 and earlier
TensorFlow versions 2.4.3 and earlier
TensorFlow versions 2.3.4 and earlier
Description

The implementation of tf.raw_ops.StringNGrams is vulnerable to an integer overflow caused by converting a signed integer value to an unsigned one and then allocating memory based on the result. The issue arises when the reserve method calls TF_TString_Reserve with a negative ngram_widths value, which is implicitly converted to a very large unsigned integer. This happens when a user supplies negative ngram_widths.
Recommendations

For versions prior to 2.6.0, update to TensorFlow 2.6.0 or later.
For versions 2.5.1 and earlier, update to TensorFlow 2.5.1 or later, or apply the patch from GitHub commit c283e542a3f422420cfdb332414543b62fc4e4a5.
For versions 2.4.3 and earlier, update to TensorFlow 2.4.3 or later, or apply the patch from GitHub commit c283e542a3f422420cfdb332414543b62fc4e4a5.
For versions 2.3.4 and earlier, update to TensorFlow 2.3.4 or later, or apply the patch from GitHub commit c283e542a3f422420cfdb332414543b62fc4e4a5.
As a temporary workaround, consider restricting the use of tf.raw_ops.StringNGrams with negative ngram_widths until a patch is available.
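The mechanism behind the description and the workaround above, as an added C example that is not TensorFlow code and not the patch in the cited commit: a negative signed width passed straight into a size_t parameter becomes a huge allocation request, and the defensive fix is to reject negative (and oversized) widths before any conversion or allocation happens. The names width_to_size_unchecked, validate_ngram_widths, toy_string and toy_reserve are hypothetical helpers written here to model a TF_TString_Reserve-style "grow the buffer to n bytes" step; the 1024 upper bound is an assumed sanity limit, not one from the project.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* What the implicit signed-to-unsigned conversion does: a negative width
 * becomes an enormous size_t, which an unchecked reserve would then try
 * to allocate. (Illustrative; not TensorFlow's code.) */
size_t width_to_size_unchecked(int64_t width) {
    return (size_t)width;   /* -1 -> SIZE_MAX */
}

/* Defensive validation applied before any size arithmetic or allocation.
 * Returns 0 when every width is in [0, max_width], -1 otherwise.
 * Hypothetical helper modelling the kind of check the fix needs. */
int validate_ngram_widths(const int64_t *widths, size_t count, int64_t max_width) {
    for (size_t i = 0; i < count; i++) {
        if (widths[i] < 0 || widths[i] > max_width) {
            return -1;
        }
    }
    return 0;
}

/* Toy string buffer standing in for the string type whose reserve is called. */
typedef struct {
    char *data;
    size_t cap;
} toy_string;

/* Reserve that refuses negative requests before the size_t conversion,
 * so a caller can never turn -1 into a SIZE_MAX allocation. */
int toy_reserve(toy_string *s, int64_t requested) {
    if (requested < 0) {
        return -1;                      /* reject before converting */
    }
    size_t n = (size_t)requested;       /* safe: requested >= 0 here */
    if (n <= s->cap) {
        return 0;
    }
    char *p = realloc(s->data, n);
    if (p == NULL) {
        return -1;
    }
    s->data = p;
    s->cap = n;
    return 0;
}

int main(void) {
    /* Constructed sample inputs: one list with a negative width, one clean. */
    int64_t bad[]  = { 2, -1 };
    int64_t good[] = { 1, 2, 3 };

    printf("unchecked cast of -1   = %zu\n", width_to_size_unchecked(-1));
    printf("validate bad widths    -> %d\n", validate_ngram_widths(bad, 2, 1024));
    printf("validate good widths   -> %d\n", validate_ngram_widths(good, 3, 1024));

    toy_string s = { NULL, 0 };
    printf("toy_reserve(-1)        -> %d\n", toy_reserve(&s, -1));
    printf("toy_reserve(16)        -> %d, cap=%zu\n", toy_reserve(&s, 16), s.cap);
    free(s.data);
    return 0;
}
```

The first print shows why the bug is an allocation-size problem rather than an arithmetic one: no overflow check on the product of widths would catch it, because the damage is done at the moment the negative value crosses into an unsigned parameter. Validating the attribute at the op boundary, as the workaround of rejecting negative ngram_widths does, is the check that matters.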

Fix


Weakness Enumeration

Related Identifiers

BIT-TENSORFLOW-2021-37646
CVE-2021-37646
GHSA-H6JH-7GV5-28VG
OPENSUSE-SU-2022:10014-1
OPENSUSE-SU-2024:12116-1
PYSEC-2021-268
PYSEC-2021-559
PYSEC-2021-757

Affected Products

Tensorflow