Home » Database

AVID-2026-R0760

Description

Division by 0 in DenseCountSparseOutput (CVE-2021-29554)

Details

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in tf.raw_ops.DenseCountSparseOutput. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/efff014f3b2d8ef6141da30c806faf141297eca1/tensorflow/core/kernels/count_ops.cc#L123-L127) computes a divisor value from user data but does not check that the result is 0 before doing the division. Since data is given by the values argument, num_batch_elements is 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, and TensorFlow 2.3.3, as these are also affected.

Reason for inclusion in AVID: CVE-2021-29554 describes a divide-by-zero bug in TensorFlow’s DenseCountSparseOutput that can lead to a denial-of-service when exploited. This affects TensorFlow, a core ML framework used to build/train/deploy AI systems, i.e., a component in the software supply chain for general-purpose AI. The vulnerability is security-related (DoS) and there is explicit advisory/text citing the issue; thus sufficient evidence for inclusion.

References

Affected or Relevant Artifacts

  • Developer: tensorflow
  • Deployer: tensorflow
  • Artifact Details:
TypeName
Systemtensorflow

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

Version3.1
Vector StringCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Base Score2.5
Base Severity🟢 Low
Attack VectorLOCAL
Attack Complexity🔴 High
Privileges Required🟢 Low
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability Impact🟢 Low

CWE

IDDescription
CWE-369CWE-369: Divide By Zero

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2021-05-14
  • Version: 0.3.3
  • AVID Entry