PT-2021-21767 · Google · Tensorflow
Published
2021-08-12
·
Updated
2024-03-06
·
CVE-2021-37651
CVSS v4.0
8.4
High
| Vector | AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
TensorFlow versions prior to 2.6.0
TensorFlow 2.5.x prior to 2.5.1
TensorFlow 2.4.x prior to 2.4.3
TensorFlow 2.3.x prior to 2.3.4
Description
The implementation of
tf.raw_ops.FractionalAvgPoolGrad can be tricked into reading data outside the bounds of heap-allocated buffers. The implementation does not validate that the input tensor is non-empty; as a result it constructs an empty EigenDoubleMatrixMap over the tensor's buffer and then accesses that map with indices that fall outside the (empty) mapped region, i.e. a heap out-of-bounds read.
Recommendations
For TensorFlow versions prior to 2.6.0, update to version 2.6.0 or later.
For the TensorFlow 2.5.x release line, update to 2.5.1, which carries the fix from GitHub commit 0f931751fb20f565c4e94aa6df58d54a003cdb30.
For the TensorFlow 2.4.x release line, update to 2.4.3, which carries the same commit.
For the TensorFlow 2.3.x release line, update to 2.3.4, which carries the same commit.
If updating is not immediately possible, the commit can be applied as a patch to a locally built TensorFlow.
As a temporary workaround, avoid calling
tf.raw_ops.FractionalAvgPoolGrad (directly, or through the gradient of tf.nn.fractional_avg_pool) on untrusted shapes or inputs until the patched version is deployed.
Fix
Out of bounds Read
Memory Corruption
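The shape of the defect described above, and of the check the fix adds, as an added illustration in C++ (the language the op is implemented in). This is not TensorFlow's source: the Status and DoubleMatrixMap types, the function names, and the reduction of the op to a single 2-D plane (batch and depth dimensions dropped) are assumptions made for the example. The unchecked variant keeps the pre-fix behaviour of trusting the pooling sequences and indexing a matrix view over an empty gradient buffer; the checked variant rejects an empty input tensor before any view is built and validates the sequences against the declared shapes. The matrix view counts out-of-range accesses instead of dereferencing them, so the example runs safely.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// Minimal stand-in for tensorflow::Status (assumption, not the real type).
struct Status {
  bool ok;
  std::string message;
  static Status OK() { return Status{true, ""}; }
  static Status InvalidArgument(const std::string& m) { return Status{false, m}; }
};

// Stand-in for EigenDoubleMatrixMap: a row-major view over a raw buffer with no
// bounds checks, as Eigen behaves in release builds. Instead of dereferencing out
// of range it counts the access in *oob_reads and returns 0, so the bug is visible
// without undefined behaviour.
struct DoubleMatrixMap {
  const double* data;
  std::size_t rows, cols;
  std::size_t* oob_reads;
  double operator()(std::size_t r, std::size_t c) const {
    if (r >= rows || c >= cols) { ++*oob_reads; return 0.0; }
    return data[r * cols + c];
  }
};

// Pre-fix shape of the gradient loop for one 2-D plane. out_backprop is the
// incoming gradient of declared shape [out_rows, out_cols]; row_seq/col_seq are
// the pooling sequences (one entry per output position plus one); in_rows/in_cols
// is the original input shape. Nothing checks that out_backprop is non-empty or
// that the sequences agree with the declared shapes: the loop trusts the sequences.
std::vector<double> FractionalAvgPoolGradUnchecked(
    const std::vector<double>& out_backprop, std::size_t out_rows, std::size_t out_cols,
    const std::vector<int64_t>& row_seq, const std::vector<int64_t>& col_seq,
    std::size_t in_rows, std::size_t in_cols, bool overlapping, std::size_t* oob_reads) {
  DoubleMatrixMap grad{out_backprop.data(), out_rows, out_cols, oob_reads};
  std::vector<double> in_backprop(in_rows * in_cols, 0.0);
  for (std::size_t r = 0; r + 1 < row_seq.size(); ++r) {
    const int64_t r0 = row_seq[r];
    const int64_t r1 = overlapping ? row_seq[r + 1] : row_seq[r + 1] - 1;
    for (std::size_t c = 0; c + 1 < col_seq.size(); ++c) {
      const int64_t c0 = col_seq[c];
      const int64_t c1 = overlapping ? col_seq[c + 1] : col_seq[c + 1] - 1;
      const double cell = static_cast<double>((r1 - r0 + 1) * (c1 - c0 + 1));
      const double share = grad(r, c) / cell;  // reads outside an empty map
      for (int64_t i = r0; i <= r1; ++i)
        for (int64_t j = c0; j <= c1; ++j)
          in_backprop[static_cast<std::size_t>(i) * in_cols + static_cast<std::size_t>(j)] += share;
    }
  }
  return in_backprop;
}

// A pooling sequence must have out_dim + 1 entries, start at a non-negative index,
// be strictly increasing, and keep every derived index below `limit` (the input extent).
static bool ValidSequence(const std::vector<int64_t>& seq, std::size_t out_dim,
                          std::size_t limit, bool overlapping) {
  if (seq.size() != out_dim + 1 || seq.front() < 0) return false;
  for (std::size_t i = 0; i + 1 < seq.size(); ++i)
    if (seq[i + 1] <= seq[i]) return false;
  const int64_t last_used = overlapping ? seq.back() : seq.back() - 1;
  return last_used < static_cast<int64_t>(limit);
}

// Hardened variant: the non-empty check the vulnerable code lacked, plus shape and
// sequence validation so neither the read nor the write can leave its buffer.
Status FractionalAvgPoolGradChecked(
    const std::vector<double>& out_backprop, std::size_t out_rows, std::size_t out_cols,
    const std::vector<int64_t>& row_seq, const std::vector<int64_t>& col_seq,
    std::size_t in_rows, std::size_t in_cols, bool overlapping,
    std::vector<double>* in_backprop) {
  if (out_backprop.empty() || out_rows == 0 || out_cols == 0)
    return Status::InvalidArgument("out_backprop must be non-empty");
  if (out_backprop.size() != out_rows * out_cols)
    return Status::InvalidArgument("out_backprop size does not match declared shape");
  if (!ValidSequence(row_seq, out_rows, in_rows, overlapping) ||
      !ValidSequence(col_seq, out_cols, in_cols, overlapping))
    return Status::InvalidArgument("pooling sequence inconsistent with shapes");
  std::size_t oob = 0;
  *in_backprop = FractionalAvgPoolGradUnchecked(out_backprop, out_rows, out_cols, row_seq,
                                                col_seq, in_rows, in_cols, overlapping, &oob);
  return oob == 0 ? Status::OK() : Status::InvalidArgument("internal: out-of-bounds read");
}

int main() {
  // Constructed input: an empty gradient tensor with non-empty pooling sequences.
  std::size_t oob = 0;
  std::vector<double> empty;
  std::vector<int64_t> rs{0, 2}, cs{0, 2};
  FractionalAvgPoolGradUnchecked(empty, 0, 0, rs, cs, 2, 2, false, &oob);
  std::printf("unchecked: %zu out-of-bounds read(s)\n", oob);
  std::vector<double> out;
  Status s = FractionalAvgPoolGradChecked(empty, 0, 0, rs, cs, 2, 2, false, &out);
  std::printf("checked: %s\n", s.ok ? "ok" : s.message.c_str());
  return 0;
}
```

The non-empty check alone closes the read the advisory describes; the sequence validation is the second half a reviewer would ask for, because the same loop also writes into in_backprop at sequence-derived positions.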
Related Identifiers
Affected Products
Tensorflow