PT-2022-15079 · Google · Tensorflow

Faysal Hossain Shezan · Published 2022-02-03 · Updated 2024-03-06 · CVE-2022-21739

CVSS v4.0: 7.1 (High)

Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

TensorFlow versions prior to 2.8.0. TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected.

Description

The implementation of QuantizedMaxPool has undefined behavior: user-controlled inputs can trigger a reference binding to a null pointer. The issue can be triggered by calling the tf.raw_ops.QuantizedMaxPool function with specific values for its parameters (input, min_input, max_input, ksize, strides, and padding). For example, the following code snippet demonstrates the vulnerability:

import tensorflow as tf

tf.raw_ops.QuantizedMaxPool(
  input = tf.constant([[[[4]]]], dtype=tf.quint8),
  min_input = [],
  max_input = [1],
  ksize = [1, 1, 1, 1],
  strides = [1, 1, 1, 1],
  padding = "SAME", name=None
)

The issue has been reported by Faysal Hossain Shezan from the University of Virginia.

Recommendations

For TensorFlow versions prior to 2.8.0, update to version 2.8.0 or later to resolve the issue. For TensorFlow versions 2.7.1, 2.6.3, and 2.5.3, update to the respective patched versions to resolve the issue. As a temporary workaround, consider avoiding the use of the QuantizedMaxPool function until a patch is available.
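
Where the op cannot be removed before an upgrade, its range inputs can be checked before dispatch. The guard below is an added example, not code from this advisory or from the TensorFlow project; the function names are hypothetical, and the rule that min_input and max_input must each hold exactly one value is an assumption inferred from the reproducer above, which passes an empty min_input.

```python
"""Pre-dispatch guard for QuantizedMaxPool range inputs (added example)."""
from math import prod


def element_count(value):
    """Count scalar elements in a tensor-like object or a nested list."""
    shape = getattr(value, "shape", None)
    if shape is not None:
        # tf.Tensor and numpy arrays expose a shape; () means one scalar.
        return prod(int(d) for d in shape)
    if isinstance(value, (list, tuple)):
        return sum(element_count(v) for v in value)
    return 1  # plain Python number


def check_quantized_range(min_input, max_input):
    """Raise ValueError unless both range inputs hold exactly one value.

    Assumption: the op needs one float per range bound; the advisory's
    reproducer passes an empty min_input.
    """
    for name, value in (("min_input", min_input), ("max_input", max_input)):
        n = element_count(value)
        if n != 1:
            raise ValueError(f"{name} must hold exactly 1 element, got {n}")


def guarded_quantized_max_pool(op, **kwargs):
    """Validate kwargs, then call `op` (e.g. tf.raw_ops.QuantizedMaxPool)."""
    check_quantized_range(kwargs.get("min_input", []),
                          kwargs.get("max_input", []))
    return op(**kwargs)


if __name__ == "__main__":
    # Constructed stand-in for the real op so this runs without TensorFlow.
    def fake_op(**kwargs):
        return "dispatched"

    print(guarded_quantized_max_pool(fake_op, min_input=[0.0], max_input=[1.0]))
    try:
        guarded_quantized_max_pool(fake_op, min_input=[], max_input=[1])
    except ValueError as exc:
        print("rejected:", exc)
```

In a service, pass tf.raw_ops.QuantizedMaxPool as `op` and treat the ValueError as a rejected request rather than letting malformed ranges reach the kernel.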

Exploit

Fix

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BIT-TENSORFLOW-2022-21739
CVE-2022-21739
GHSA-3MW4-6RJ6-74G5
OPENSUSE-SU-2024:12116-1
PYSEC-2022-118
PYSEC-2022-63

Affected Products

Tensorflow