AVID-2026-R0839

Description

Null pointer dereference in UncompressElement in TensorFlow (CVE-2021-37649)

Details

TensorFlow is an end-to-end open source platform for machine learning. The code for tf.raw_ops.UncompressElement can be made to trigger a null pointer dereference. The implementation obtains a pointer to a CompressedElement from a Variant tensor and then proceeds to dereference it for decompressing. There is no check that the Variant tensor contained a CompressedElement, so the pointer is actually nullptr. We have patched the issue in GitHub commit 7bdf50bb4f5c54a4997c379092888546c97c3ebd. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Reason for inclusion in AVID: CVE-2021-37649 describes a null pointer dereference in TensorFlow’s UncompressElement, a bug in a core ML framework used in AI pipelines. It affects TensorFlow versions; patches exist, and CVSS indicates a high-severity vulnerability with potential local impact. This is a software vulnerability within an AI software stack (TensorFlow), and TensorFlow is a key dependency/framework for building, training, deploying, and running general-purpose AI systems, so it constitutes a software supply-chain issue in GP AI contexts.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gv8-p3vj-pxvr
• https://github.com/tensorflow/tensorflow/commit/7bdf50bb4f5c54a4997c379092888546c97c3ebd

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2021-08-12
• Version: 0.3.3
• AVID Entry