AVID-2026-R0748

Description

Heap buffer overflow in Conv2DBackpropFilter (CVE-2021-29540)

Details

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow to occur in Conv2DBackpropFilter. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L495-L497) computes the size of the filter tensor but does not validate that it matches the number of elements in filter_sizes. Later, when reading/writing to this buffer, code uses the value computed here, instead of the number of elements in the tensor. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

Reason for inclusion in AVID: The candidate describes CVE-2021-29540, a heap buffer overflow in TensorFlow’s Conv2DBackpropFilter. This is a software vulnerability within a core AI framework used to build/train/deploy AI systems, i.e., a software supply chain issue in AI pipelines. The vulnerability affects TensorFlow dependencies and the description includes affected versions and a fix, providing sufficient evidence for curation.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xgc3-m89p-vr3x
• https://github.com/tensorflow/tensorflow/commit/c570e2ecfc822941335ad48f6e10df4e21f11c96

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2021-05-14
• Version: 0.3.3
• AVID Entry