AVID-2026-R0778

Description

Undefined behavior in MaxPool3DGradGrad (CVE-2021-29574)

Details

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.raw_ops.MaxPool3DGradGrad exhibits undefined behavior by dereferencing null pointers backing attacker-supplied empty tensors. The implementation(https://github.com/tensorflow/tensorflow/blob/72fe792967e7fd25234342068806707bbc116618/tensorflow/core/kernels/pooling_ops_3d.cc#L679-L703) fails to validate that the 3 tensor inputs are not empty. If any of them is empty, then accessing the elements in the tensor results in dereferencing a null pointer. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

Reason for inclusion in AVID: CVE-2021-29574 describes a null pointer dereference in a TensorFlow kernel (MaxPool3DGradGrad) that can affect TensorFlow installations used in ML pipelines. This is a software vulnerability in a widely-used AI framework, with explicit references and a fix; it impacts the software stack used to build/train/deploy general-purpose AI systems. It aligns with AI-related, GP AI supply chain components, and is security/safety-relevant with explicit CVE and remediation details.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-828x-qc2p-wprq
• https://github.com/tensorflow/tensorflow/commit/a3d9f9be9ac2296615644061b40cefcee341dcc4

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2021-05-14
• Version: 0.3.3
• AVID Entry