CVE-2021-37687

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier

Description The issue arises from TFLite's GatherNd implementation not supporting negative indices but lacking checks for this situation, allowing an attacker to read arbitrary data from the heap by crafting a model with negative values in indices. A similar issue exists in the Gather implementation. This can be exploited by carefully crafting a model, as demonstrated in a provided Python example, which utilizes the tf.gather function with negative indices values to read data from the heap.

Recommendations For versions prior to 2.6.0, update to TensorFlow 2.6.0 or later. For versions 2.5.1 and earlier, update to TensorFlow 2.5.1 or later. For versions 2.4.3 and earlier, update to TensorFlow 2.4.3 or later. For versions 2.3.4 and earlier, update to TensorFlow 2.3.4 or later. As a temporary workaround, consider disabling the GatherNd and Gather implementations until a patch is available. Restrict access to the vulnerable TFLite kernel to minimize the risk of exploitation. Avoid using negative values in indices for the affected API endpoints until the issue is resolved.