AVID-2026-R0770

Description

Null pointer dereference in SparseFillEmptyRows (CVE-2021-29565)

Details

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of tf.raw_ops.SparseFillEmptyRows. This is because of missing validation(https://github.com/tensorflow/tensorflow/blob/fdc82089d206e281c628a93771336bf87863d5e8/tensorflow/core/kernels/sparse_fill_empty_rows_op.cc#L230-L231) that was covered under a TODO. If the dense_shape tensor is empty, then dense_shape_t.vec<>() would cause a null pointer dereference in the implementation of the op. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

Reason for inclusion in AVID: CVE-2021-29565 describes a null pointer dereference in TensorFlow’s SparseFillEmptyRows, a vulnerability in a core ML framework. This directly concerns AI/ML software stacks (TensorFlow) and could impact systems that build/train/deploy AI models using this library. It is a software supply-chain issue in a widely used AI component (dependencies/frameworks), not hardware/firmware-only. The report provides explicit vulnerability details and references/fix information, supporting evidence for classification.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r6pg-pjwc-j585
• https://github.com/tensorflow/tensorflow/commit/faa76f39014ed3b5e2c158593b1335522e573c7f

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2021-05-14
• Version: 0.3.3
• AVID Entry