AVID-2026-R0747

Description

Segfault in tf.raw_ops.ImmutableConst (CVE-2021-29539)

Details

TensorFlow is an end-to-end open source platform for machine learning. Calling tf.raw_ops.ImmutableConst(https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a dtype of tf.resource or tf.variant results in a segfault in the implementation as code assumes that the tensor contents are pure scalars. We have patched the issue in 4f663d4b8f0bec1b48da6fa091a7d29609980fa4 and will release TensorFlow 2.5.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved. If using tf.raw_ops.ImmutableConst in code, you can prevent the segfault by inserting a filter for the dtype argument.

Reason for inclusion in AVID: CVE-2021-29539 describes a segfault in TensorFlow’s ImmutableConst when certain dtypes are used. This is a software vulnerability in a core AI framework used to build and deploy AI systems, i.e., a component in the AI software supply chain. The issue affects the AI software stack (TensorFlow) and has a patch referenced in the report, with CVE coverage and advisories. This constitutes a vulnerability in software used to run general-purpose AI systems. The report provides evidence (commit, advisory, references) sufficient to classify it as a security vulnerability in the AI software supply chain.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g4h2-gqm3-c9wq
• https://github.com/tensorflow/tensorflow/commit/4f663d4b8f0bec1b48da6fa091a7d29609980fa4

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2021-05-14
• Version: 0.3.3
• AVID Entry