PT-2021-23183 · Google · Tensorflow

Published

2021-11-05

·

Updated

2024-03-06

·

CVE-2021-41210

CVSS v3.1

7.1

High

Vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions

TensorFlow versions prior to 2.7.0
TensorFlow 2.6.x versions prior to 2.6.1
TensorFlow 2.5.x versions prior to 2.5.2
TensorFlow 2.4.x versions prior to 2.4.4
Description

The shape inference function for SparseCountSparseOutput can read outside the bounds of a heap-allocated array. The function assumes its first input, indices, has rank 2 (shape [nnz, rank]) and reads its second dimension without checking that this rank is present. The vulnerability can be triggered by calling tf.raw_ops.SparseCountSparseOutput with malformed inputs, for example an indices tensor of rank 1.
Recommendations

Update to TensorFlow 2.7.0 or later. If you must stay on an older release line, update to the patched point release for that line: 2.6.1 for 2.6.x, 2.5.2 for 2.5.x, or 2.4.4 for 2.4.x. Until you can update, do not pass untrusted or unvalidated tensors to tf.raw_ops.SparseCountSparseOutput; check that indices has rank 2, values has rank 1 and dense_shape has rank 1 before the call.
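The pre-call check suggested above, as an added example that is not TensorFlow's own code and not part of this advisory. It enforces the rank check the vulnerable shape-inference function omitted (indices must be rank 2) together with the other structural invariants of a SparseTensor, and only then hands the tensors to tf.raw_ops.SparseCountSparseOutput. The keyword arguments of the raw op (indices, values, dense_shape, weights, binary_output, minlength, maxlength) are assumed from TensorFlow's public raw-op documentation; the two input tuples at the bottom are constructed for illustration. TensorFlow is imported lazily so the validation logic runs and can be tested without it installed.

```python
# Added example (not TensorFlow project code): guard inputs before they
# reach tf.raw_ops.SparseCountSparseOutput (CVE-2021-41210).
#
# A SparseTensor is passed to the op as three dense tensors. A well-formed
# one satisfies:
#   indices:     rank 2, shape [nnz, rank]
#   values:      rank 1, shape [nnz]
#   dense_shape: rank 1, shape [rank]
# The vulnerable shape function read indices.dim(1) without first checking
# that indices was rank 2, so a rank-1 indices tensor caused an
# out-of-bounds heap read. This guard rejects that shape (and the other
# mismatches) in Python before any C++ kernel or shape function runs.
from typing import Any, Tuple


def tensor_shape(x: Any) -> Tuple[int, ...]:
    """Shape of a nested Python list, or of anything exposing `.shape`
    (numpy array, tf.Tensor). Ragged nested lists are rejected."""
    if hasattr(x, "shape"):
        return tuple(int(d) for d in x.shape)
    if not isinstance(x, (list, tuple)):
        return ()  # scalar
    if len(x) == 0:
        return (0,)
    inner = [tensor_shape(e) for e in x]
    if any(s != inner[0] for s in inner):
        raise ValueError("ragged input is not a tensor")
    return (len(x),) + inner[0]


def validate_sparse_inputs(indices: Any, values: Any, dense_shape: Any) -> Tuple[int, int]:
    """Raise ValueError unless (indices, values, dense_shape) form a
    structurally valid SparseTensor. Returns (nnz, rank) on success."""
    ind = tensor_shape(indices)
    val = tensor_shape(values)
    dsh = tensor_shape(dense_shape)
    # The check the vulnerable shape function lacked: indices must be rank 2.
    if len(ind) != 2:
        raise ValueError(f"indices must be rank 2, got rank {len(ind)} with shape {ind}")
    if len(val) != 1:
        raise ValueError(f"values must be rank 1, got rank {len(val)} with shape {val}")
    if len(dsh) != 1:
        raise ValueError(f"dense_shape must be rank 1, got rank {len(dsh)} with shape {dsh}")
    nnz, rank = ind
    if val[0] != nnz:
        raise ValueError(f"values has {val[0]} entries but indices has {nnz} rows")
    if dsh[0] != rank:
        raise ValueError(f"dense_shape has {dsh[0]} dims but indices has {rank} columns")
    return nnz, rank


def is_safe_sparse_input(indices: Any, values: Any, dense_shape: Any) -> bool:
    """Boolean form of validate_sparse_inputs for use in tests and filters."""
    try:
        validate_sparse_inputs(indices, values, dense_shape)
        return True
    except ValueError:
        return False


def guarded_sparse_count(indices, values, dense_shape, weights=None,
                         binary_output=False, minlength=-1, maxlength=-1):
    """Validate first, then call the raw op. The raw-op argument names are
    assumed from TensorFlow's documentation; an empty weights tensor means
    unweighted counting."""
    validate_sparse_inputs(indices, values, dense_shape)
    import tensorflow as tf  # assumed installed at call time, not needed for validation
    if weights is None:
        weights = []
    return tf.raw_ops.SparseCountSparseOutput(
        indices=tf.constant(indices, dtype=tf.int64),
        values=tf.constant(values, dtype=tf.int64),
        dense_shape=tf.constant(dense_shape, dtype=tf.int64),
        weights=tf.constant(weights),
        binary_output=binary_output, minlength=minlength, maxlength=maxlength)


# Constructed inputs (illustrative, not taken from the advisory).
WELL_FORMED = ([[0, 0], [1, 2]], [5, 7], [2, 3])   # 2 nonzeros in a 2x3 matrix
RANK1_INDICES = ([0, 1], [5, 7], [2, 3])           # the malformed shape the advisory describes

if __name__ == "__main__":
    print("well-formed accepted:", is_safe_sparse_input(*WELL_FORMED))
    print("rank-1 indices rejected:", not is_safe_sparse_input(*RANK1_INDICES))
```

Note that an empty SparseTensor has indices of shape [0, rank], which a nested Python list cannot express; pass such inputs as numpy arrays or tf.Tensor objects, whose `.shape` the guard reads directly.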

Fix

Weakness Enumeration

Out-of-bounds Read (CWE-125)

Related Identifiers

BIT-TENSORFLOW-2021-41210
CVE-2021-41210
GHSA-M342-FF57-4JCC
OPENSUSE-SU-2024:12116-1
PYSEC-2021-402
PYSEC-2021-619
PYSEC-2021-817

Affected Products

Tensorflow