AVID-2026-R0856

Description

Reference binding to nullptr in RaggedTensorToVariant in TensorFlow (CVE-2021-37666)

Details

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.RaggedTensorToVariant. The implementation has an incomplete validation of the splits values, missing the case when the argument would be empty. We have patched the issue in GitHub commit be7a4de6adfbd303ce08be4332554dff70362612. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Reason for inclusion in AVID: The CVE concerns a vulnerability in TensorFlow, a core ML framework. It enables undefined behavior via binding a reference to a null pointer in RaggedTensorToVariant, with potential security impact. TensorFlow is a widely used dependency in AI pipelines, so this vulnerability affects the software supply chain of general-purpose AI systems (build/run/deploy stacks, ML workflows). There is explicit evidence including the affected versions, patch commit, and CVSS details, meeting the criteria for a software-supply-chain vulnerability in AI stacks. It is not hardware/firmware-only, and the issue is security-related.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w4xf-2pqw-5mq7
• https://github.com/tensorflow/tensorflow/commit/be7a4de6adfbd303ce08be4332554dff70362612

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2021-08-12
• Version: 0.3.3
• AVID Entry