Home » Database

AVID-2026-R0898

Description

Heap OOB read in all tf.raw_ops.QuantizeAndDequantizeV* ops (CVE-2021-41205)

Details

TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the QuantizeAndDequantizeV* operations can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.

Reason for inclusion in AVID: CVE-2021-41205 describes a heap out-of-bounds read vulnerability in TensorFlow’s QuantizeAndDequantizeV* ops. TensorFlow is an AI framework widely used in AI/ML pipelines, serving as a dependency in many AI systems. The issue affects software components (TensorFlow) used to build/train/deploy AI systems, representing a software supply-chain vulnerability within AI stacks. It is a security vulnerability (out-of-bounds read) with explicit CVSS metadata and a remediation path. Therefore it meets AVID criteria for a GP AI supply-chain vulnerability.

References

Affected or Relevant Artifacts

  • Developer: tensorflow
  • Deployer: tensorflow
  • Artifact Details:
TypeName
Systemtensorflow

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

Version3.1
Vector StringCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Base Score7.1
Base Severity🔴 High
Attack VectorLOCAL
Attack Complexity🟢 Low
Privileges Required🟢 Low
User InteractionNONE
ScopeUNCHANGED
Confidentiality Impact🔴 High
Integrity ImpactNONE
Availability Impact🔴 High

CWE

IDDescription
CWE-125CWE-125: Out-of-bounds Read

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2021-11-05
  • Version: 0.3.3
  • AVID Entry