CVE-2021-29566

LOW

TensorFlow < 2.1.4 - Out-of-bounds Write via Dilation2DBackpropInput

Title source: llm
STIX 2.1

Description

TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to `tf.raw_ops.Dilation2DBackpropInput`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/afd954e65f15aea4d438d0a219136fc4a63a573d/tensorflow/core/kernels/dilation_ops.cc#L321-L322) does not validate before writing to the output array. The values for `h_out` and `w_out` are guaranteed to be in range for `out_backprop` (as they are loop indices bounded by the size of the array). However, there are no similar guarantees relating `h_in_max`/`w_in_max` and `in_backprop`. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

References (2)

Core 2
Core References
Exploit, Patch, Third Party Advisory x_refsource_confirm
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pvrc-hg3f-58r6

Scores

CVSS v3 2.5
EPSS 0.0020
EPSS Percentile 10.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Details

CWE
CWE-787
Status published
Products (4)
google/tensorflow < 2.1.4
pypi/tensorflow 0 - 2.1.4PyPI
pypi/tensorflow-cpu 0 - 2.1.4PyPI
pypi/tensorflow-gpu 0 - 2.1.4PyPI
Published May 14, 2021
Tracked Since Feb 18, 2026