Home » Database

AVID-2026-R0912

Description

Access to invalid memory during shape inference in Cudnn* ops (CVE-2021-41221)

Details

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the Cudnn* operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow. This occurs because the ranks of the input, input_h and input_c parameters are not validated, but code assumes they have certain values. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.

Reason for inclusion in AVID: The CVE describes a software vulnerability in TensorFlow’s AI software stack (Cudnn* shape inference) that can cause invalid memory access via a heap buffer overflow. It affects a component (TensorFlow) used to build, train, and deploy AI systems, making it relevant to the general-purpose AI supply chain and security posture.

References

Affected or Relevant Artifacts

  • Developer: tensorflow
  • Deployer: tensorflow
  • Artifact Details:
TypeName
Systemtensorflow

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

Version3.1
Vector StringCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score7.8
Base Severity🔴 High
Attack VectorLOCAL
Attack Complexity🟢 Low
Privileges Required🟢 Low
User InteractionNONE
ScopeUNCHANGED
Confidentiality Impact🔴 High
Integrity Impact🔴 High
Availability Impact🔴 High

CWE

IDDescription
CWE-120CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2021-11-05
  • Version: 0.3.3
  • AVID Entry