CVE-2021-29593
LOWTensorFlow < 2.1.4 - Division By Zero in BatchToSpaceNd TFLite Operator
Title source: llmDescription
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `BatchToSpaceNd` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/b5ed552fe55895aee8bd8b191f744a069957d18d/tensorflow/lite/kernels/batch_to_space_nd.cc#L81-L82). An attacker can craft a model such that one dimension of the `block` input is 0. Hence, the corresponding value in `block_shape` is 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
References (2)
Core 2
Core References
Exploit, Patch, Third Party Advisory x_refsource_confirm
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cfx7-2xpc-8w4h
Patch, Third Party Advisory x_refsource_misc
https://github.com/tensorflow/tensorflow/commit/2c74674348a4708ced58ad6eb1b23354df8ee044
Scores
CVSS v3
2.5
EPSS
0.0020
EPSS Percentile
10.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-369
Status
published
Products (4)
google/tensorflow
< 2.1.4
pypi/tensorflow
0 - 2.1.4PyPI
pypi/tensorflow-cpu
0 - 2.1.4PyPI
pypi/tensorflow-gpu
0 - 2.1.4PyPI
Published
May 14, 2021
Tracked Since
Feb 18, 2026