AVID-2026-R0729

Description

Division by zero in Conv3D (CVE-2021-29517)

Details

TensorFlow is an end-to-end open source platform for machine learning. A malicious user could trigger a division by 0 in Conv3D implementation. The implementation(https://github.com/tensorflow/tensorflow/blob/42033603003965bffac51ae171b51801565e002d/tensorflow/core/kernels/conv_ops_3d.cc#L143-L145) does a modulo operation based on user controlled input. Thus, when filter has a 0 as the fifth element, this results in a division by 0. Additionally, if the shape of the two tensors is not valid, an Eigen assertion can be triggered, resulting in a program crash. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

Reason for inclusion in AVID: CVE-2021-29517 describes a division-by-zero vulnerability in TensorFlow’s Conv3D kernel, triggering a crash via a user-controlled input. TensorFlow is a core AI framework used in ML pipelines; this is a software supply-chain issue affecting AI software stacks. The vulnerability is CWE-369 (Divide By Zero) and affects deployment/runtime behavior; a fix and affected versions are documented. Therefore it should be kept for AVID curation as a general-purpose AI supply chain vulnerability.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-772p-x54p-hjrv
• https://github.com/tensorflow/tensorflow/commit/799f835a3dfa00a4d852defa29b15841eea9d64f

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2021-05-14
• Version: 0.3.3
• AVID Entry