CVE-2021-41222 Segfault due to negative splits in `SplitV`

2021-11-0522:30:11

CWE-682

GitHub_M

www.cve.org

cve-2021-41222

segfault

tensorflow

splitv

negative arguments

fix

version 2.7.0

cherrypick

version 2.6.1

version 2.5.2

version 2.4.4

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

12.8%

JSON

TensorFlow is an open source platform for machine learning. In affected versions the implementation of SplitV can trigger a segfault is an attacker supplies negative arguments. This occurs whenever size_splits contains more than one value and at least one value is negative. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.

CNA Affected

[
  {
    "product": "tensorflow",
    "vendor": "tensorflow",
    "versions": [
      {
        "status": "affected",
        "version": ">= 2.6.0, < 2.6.1"
      },
      {
        "status": "affected",
        "version": ">= 2.5.0, < 2.5.2"
      },
      {
        "status": "affected",
        "version": "< 2.4.4"
      }
    ]
  }
]