PT-2021-21812 · Google · Tensorflow

Mihaimaruseac · Published 2021-08-12 · Updated 2024-03-06 · CVE-2021-37692

CVSS v4.0: 6.8 (Medium)

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

TensorFlow versions prior to 2.6.0
TensorFlow version 2.5.1

Description

TensorFlow is an end-to-end open source platform for machine learning. In affected versions, under certain conditions, Go code can trigger a segfault in string deallocation. For string tensors, C.TF_TString_Dealloc is called during garbage collection within a finalizer function. However, the tensor structure isn't checked until encoding, to avoid a performance penalty. The current dealloc method assumes that encoding succeeded, so it segfaults when a string tensor whose encoding failed (for example, due to mismatched dimensions) is garbage collected.

Recommendations

For TensorFlow versions prior to 2.6.0, update to version 2.6.0 to resolve the issue. For TensorFlow version 2.5.1, apply the patch from GitHub commit 8721ba96e5760c229217b594f6d2ba332beedf22 or wait for the cherry-picked commit to be included in a future release. As a temporary workaround, consider restricting the use of string tensors with mismatched dimensions to minimize the risk of exploitation.
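
A simplified pure-Go model of the failure described above, added here as an illustration; it is not TensorFlow code and not the referenced commit, and the names slot, encode, finalize and the initFirst option are hypothetical. It shows why a finalizer that frees every slot implied by the declared shape fails after a partial encode, and one way to make cleanup safe (an assumption, not necessarily the upstream fix): put every slot into a valid empty state before encoding starts.

```go
package main

import "fmt"

// slot models one native string cell; ready stays false until it is initialised.
type slot struct{ ready bool; data string }

// dealloc models a native free: releasing a never-initialised cell is the crash case.
func dealloc(s *slot) error {
	if !s.ready {
		return fmt.Errorf("dealloc of uninitialised string slot")
	}
	*s = slot{}
	return nil
}

// encode fills a buffer sized from the declared shape and stops at the first
// ragged row. With initFirst, all slots are valid (empty) before copying begins.
func encode(rows [][]string, cols int, initFirst bool) ([]slot, error) {
	buf := make([]slot, len(rows)*cols)
	for i := range buf {
		buf[i].ready = initFirst
	}
	for r, row := range rows {
		if len(row) != cols {
			return buf, fmt.Errorf("row %d has %d elements, want %d", r, len(row), cols)
		}
		for c, v := range row {
			buf[r*cols+c] = slot{ready: true, data: v}
		}
	}
	return buf, nil
}

// finalize models the GC finalizer: it releases every slot the shape promises,
// without knowing whether encode completed.
func finalize(buf []slot) error {
	for i := range buf {
		if err := dealloc(&buf[i]); err != nil {
			return fmt.Errorf("slot %d: %w", i, err)
		}
	}
	return nil
}

func main() {
	ragged := [][]string{{"a", "b"}, {"c"}} // constructed input with mismatched dimensions
	for _, initFirst := range []bool{false, true} {
		buf, encErr := encode(ragged, 2, initFirst)
		fmt.Printf("initFirst=%v encode=%v finalize=%v\n", initFirst, encErr, finalize(buf))
	}
}
```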

Fix

RCE

Weakness Enumeration

Related Identifiers

BIT-TENSORFLOW-2021-37692
CVE-2021-37692
GHSA-CMGW-8VPC-RC59
OPENSUSE-SU-2022:10014-1
OPENSUSE-SU-2024:12116-1
PYSEC-2021-314
PYSEC-2021-605
PYSEC-2021-803

Affected Products

Tensorflow