AVID-2026-R0846

Description

Reference binding to nullptr in RaggedTensorToSparse in TensorFlow (CVE-2021-37656)

Details

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to a null pointer in tf.raw_ops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check that they are in increasing order. We have patched the issue in GitHub commit 1071f554dbd09f7e101324d366eec5f4fe5a3ece. The fix will be included in TensorFlow 2.6.0. We will also cherry-pick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.
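
The kind of splits validation whose absence the description above reports, as an added stand-alone C++ example; it is not TensorFlow's kernel code or the code of the patch commit. The function name `ValidateNestedSplits`, its error strings, and the start-at-0 and end-bound checks are assumptions that go beyond the ordering condition the advisory names.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Added example (not TensorFlow source). Checks the row-splits vectors of a
// ragged tensor before anything indexes with them. nested_splits is ordered
// outermost dimension first; num_values is the length of the flat values.
// Returns "" when well-formed, else a description of the first problem.
std::string ValidateNestedSplits(
    const std::vector<std::vector<int64_t>>& nested_splits,
    int64_t num_values) {
  if (nested_splits.empty()) return "no splits given";
  for (size_t d = 0; d < nested_splits.size(); ++d) {
    const std::vector<int64_t>& splits = nested_splits[d];
    const std::string where = "splits[" + std::to_string(d) + "]";
    if (splits.empty()) return where + " is empty";
    if (splits.front() != 0) return where + " does not start at 0";
    // The ordering condition the advisory names. Equal neighbours are
    // allowed here because they denote an empty row.
    for (size_t j = 1; j < splits.size(); ++j) {
      if (splits[j] < splits[j - 1]) {
        return where + " decreases at index " + std::to_string(j);
      }
    }
    // The last split must equal the number of items in the next level:
    // rows of the next dimension, or flat values for the innermost one.
    const bool innermost = (d + 1 == nested_splits.size());
    const int64_t expected_end =
        innermost ? num_values
                  : static_cast<int64_t>(nested_splits[d + 1].size()) - 1;
    if (splits.back() != expected_end) {
      return where + " ends at " + std::to_string(splits.back()) +
             ", expected " + std::to_string(expected_end);
    }
  }
  return "";
}
```
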

Reason for inclusion in AVID: CVE-2021-37656 describes a vulnerability in TensorFlow (an AI/ML framework) where binding a reference to a null pointer in RaggedTensorToSparse can cause undefined behavior. This affects the AI software stack and is a vulnerability in a core dependency used to build/train/deploy ML systems. It has CVSS 3.1 base score 7.1 (HIGH), impacts integrity/availability, and there is a code fix in a commit with supported-version backports. This is a software supply-chain issue within the AI ecosystem (TensorFlow), not hardware/firmware-only. Therefore it should be kept for AVID curation as a GP AI supply chain security vulnerability.

References

Affected or Relevant Artifacts

  • Developer: tensorflow
  • Deployer: tensorflow
  • Artifact Details:
      • Type: System
      • Name: tensorflow

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

  • Version: 3.1
  • Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  • Base Score: 7.1
  • Base Severity: 🔴 High
  • Attack Vector: LOCAL
  • Attack Complexity: 🟢 Low
  • Privileges Required: 🟢 Low
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: 🔴 High
  • Availability Impact: 🔴 High

CWE

  • CWE-824: Access of Uninitialized Pointer

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2021-08-12
  • Version: 0.3.3
  • AVID Entry