CVE-2021-37655

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier

Description An attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to tf.raw ops.ResourceScatterUpdate. The implementation has an incomplete validation of the relationship between the shapes of indices and updates, instead of checking that the shape of indices is a prefix of the shape of updates, code only checks that the number of elements in these two tensors are in a divisibility relationship.

Recommendations For versions prior to 2.6.0, update to TensorFlow 2.6.0 or later. For versions 2.5.1 and earlier, update to TensorFlow 2.5.1 or later. For versions 2.4.3 and earlier, update to TensorFlow 2.4.3 or later. For versions 2.3.4 and earlier, update to TensorFlow 2.3.4 or later. As a temporary workaround, consider restricting the use of tf.raw ops.ResourceScatterUpdate until a patch is available. Avoid using invalid arguments to tf.raw ops.ResourceScatterUpdate until the issue is resolved.