AVID-2026-R0862

Description

Heap OOB in SdcaOptimizerV2 in TensorFlow (CVE-2021-37672)

Details

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to tf.raw_ops.SdcaOptimizerV2. The implementation does not check that the length of example_labels is the same as the number of examples. We have patched the issue in GitHub commit a4e138660270e7599793fa438cd7b2fc2ce215a6. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

Reason for inclusion in AVID: This CVE describes a heap out-of-bounds read in TensorFlow’s SdcaOptimizerV2, a core AI framework/component. It directly affects the AI software stack used to train/deploy models, with a patched commit and affected versions, indicating a software-supply-chain vulnerability within AI tooling. It is not hardware/firmware-only and has clear CVE coverage and remediation.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hj3-vjjf-f5m7
• https://github.com/tensorflow/tensorflow/commit/a4e138660270e7599793fa438cd7b2fc2ce215a6

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2021-08-12
• Version: 0.3.3
• AVID Entry