CVE-2021-37679

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.6.0 TensorFlow version 2.5.1 TensorFlow version 2.4.3 TensorFlow version 2.3.4

Description The issue arises when nesting a tf.map fn within another tf.map fn call, specifically with RaggedTensor inputs and no function signature provided. The code assumes the output is a fully specified tensor and fills the output buffer with uninitialized contents from the heap. This can lead to memory information leaks, as the last row of the output t contains data from the heap. The bug is in the conversion from a Variant tensor to a RaggedTensor, where the implementation does not check for matching inner shapes, resulting in additional dimensions. This can also cause data loss if the input tensor is tweaked.

Recommendations For TensorFlow versions prior to 2.6.0, update to version 2.6.0 or later. For TensorFlow version 2.5.1, apply the patch from GitHub commit 4e2565483d0ffcadc719bd44893fb7f609bb5f12 or update to a later version. For TensorFlow version 2.4.3, apply the patch from GitHub commit 4e2565483d0ffcadc719bd44893fb7f609bb5f12 or update to a later version. For TensorFlow version 2.3.4, apply the patch from GitHub commit 4e2565483d0ffcadc719bd44893fb7f609bb5f12 or update to a later version. As a temporary workaround, consider avoiding the use of nested tf.map fn calls with RaggedTensor inputs until the issue is resolved.