Home » Database

AVID-2026-R0765

Description

Heap buffer overflow in RaggedTensorToTensor (CVE-2021-29560)

Details

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.raw_ops.RaggedTensorToTensor. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/d94227d43aa125ad8b54115c03cece54f6a1977b/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L219-L222) uses the same index to access two arrays in parallel. Since the user controls the shape of the input arguments, an attacker could trigger a heap OOB access when parent_output_index is shorter than row_split. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

Reason for inclusion in AVID: CVE-2021-29560 describes a heap buffer overflow in TensorFlow’s RaggedTensorToTensor. It affects TensorFlow, a core ML framework used in AI pipelines; thus it’s a software supply-chain vulnerability in AI stacks. It is a security vulnerability (memory access issue) with CVE coverage and advisories, supported by explicit details and references.

References

Affected or Relevant Artifacts

  • Developer: tensorflow
  • Deployer: tensorflow
  • Artifact Details:
TypeName
Systemtensorflow

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

Version3.1
Vector StringCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Base Score2.5
Base Severity🟢 Low
Attack VectorLOCAL
Attack Complexity🔴 High
Privileges Required🟢 Low
User InteractionNONE
ScopeUNCHANGED
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability Impact🟢 Low

CWE

IDDescription
CWE-125CWE-125: Out-of-bounds Read

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2021-05-14
  • Version: 0.3.3
  • AVID Entry