CVE-2021-37685

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier

Description The issue is related to TensorFlow's TFLite, where the expand dims.cc file contains a vulnerability allowing the reading of one element outside the bounds of heap-allocated data. This occurs when the axis is a large negative value, causing the check after the if statement to pass and the for loop to read one element before the start of input dims.data. The vulnerability was reported by Yakun Zhang of Baidu Security.

Recommendations For versions prior to 2.6.0, update to TensorFlow 2.6.0 or later. For versions 2.5.1 and earlier, update to TensorFlow 2.5.1 or later. For versions 2.4.3 and earlier, update to TensorFlow 2.4.3 or later. For versions 2.3.4 and earlier, update to TensorFlow 2.3.4 or later. As a temporary workaround, consider restricting the use of the axis parameter in the affected expand dims.cc function until a patch is available.