Lucene search

[email protected]CVE-2021-29553

HistoryMay 14, 2021 - 8:15 p.m.

CVE-2021-29553

2021-05-1420:15:13

CWE-125

[email protected]

web.nvd.nist.gov

tensorflow

cve-2021-29553

machine learning

security

nvd

buffer overflow

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

JSON

TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in tf.raw_ops.QuantizeAndDequantizeV3. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/11ff7f80667e6490d7b5174aa6bf5e01886e770f/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L237) does not validate the value of user supplied axis attribute before using it to index in the array backing the input argument. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

Affected configurations

Vulners

NVD

Node

tensorflowtensorflowRange<2.1.4

tensorflowtensorflowRange2.2.0–2.2.3

tensorflowtensorflowRange2.3.0–2.3.3

tensorflowtensorflowRange2.4.0–2.4.2

CPENameOperatorVersion
google:tensorflowgoogle tensorflowlt2.1.4
google:tensorflowgoogle tensorflowlt2.2.3
google:tensorflowgoogle tensorflowlt2.3.3
google:tensorflowgoogle tensorflowlt2.4.2

CPE	Name	Operator	Version
google:tensorflow	google tensorflow	lt	2.1.4
google:tensorflow	google tensorflow	lt	2.2.3
google:tensorflow	google tensorflow	lt	2.3.3
google:tensorflow	google tensorflow	lt	2.4.2

CNA Affected

[
  {
    "product": "tensorflow",
    "vendor": "tensorflow",
    "versions": [
      {
        "status": "affected",
        "version": "< 2.1.4"
      },
      {
        "status": "affected",
        "version": ">= 2.2.0, < 2.2.3"
      },
      {
        "status": "affected",
        "version": ">= 2.3.0, < 2.3.3"
      },
      {
        "status": "affected",
        "version": ">= 2.4.0, < 2.4.2"
      }
    ]
  }
]

References

github.com/tensorflow/tensorflow/commit/99085e8ff02c3763a0ec2263e44daec416f6a387

github.com/tensorflow/tensorflow/security/advisories/GHSA-h9px-9vqg-222h

Social References

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

JSON

Related for CVE-2021-29553

osv6 nvd1 veracode1 prion1 cvelist1 github1 ibm1