We use cookies to improve your experience on our site.
AVID-2026-R0750
Description
Heap buffer overflow in StringNGrams (CVE-2021-29542)
Details
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to tf.raw_ops.StringNGrams. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/1cdd4da14282210cc759e468d9781741ac7d01bf/tensorflow/core/kernels/string_ngrams_op.cc#L171-L185) fails to consider corner cases where input would be split in such a way that the generated tokens should only contain padding elements. If input is such that num_tokens is 0, then, for data_start_index=0 (when left padding is present), the marked line would result in reading data[-1]. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
Reason for inclusion in AVID: CVE-2021-29542 describes a heap buffer overflow in TensorFlow’s StringNGrams op, a software vulnerability in an AI framework. TensorFlow is a core AI software stack used to build/train/deploy AI systems, and this CVE affects software components (kernels/ops) used in AI pipelines. It is a security vulnerability with a concrete impact path (local attacker, potential memory corruption/crash) and the report provides the affected code path and fix notes, establishing evidence for AI-related supply chain impact.
References
- NVD entry
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hrh-9vmp-2jgg
- https://github.com/tensorflow/tensorflow/commit/ba424dd8f16f7110eea526a8086f1a155f14f22b
Affected or Relevant Artifacts
- Developer: tensorflow
- Deployer: tensorflow
- Artifact Details:
| Type | Name |
|---|---|
| System | tensorflow |
Impact
AVID Taxonomy Categorization
- Risk domains: Security
- SEP subcategories: S0100: Software Vulnerability
- Lifecycle stages: L06: Deployment
CVSS
| Version | 3.1 |
| Vector String | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L |
| Base Score | 2.5 |
| Base Severity | 🟢 Low |
| Attack Vector | LOCAL |
| Attack Complexity | 🔴 High |
| Privileges Required | 🟢 Low |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | 🟢 Low |
CWE
| ID | Description |
|---|---|
| CWE-131 | CWE-131: Incorrect Calculation of Buffer Size |
Other information
- Report Type: Advisory
- Credits:
- Date Reported: 2021-05-14
- Version: 0.3.3
- AVID Entry