CVE-2021-29601

MEDIUM

TensorFlow < 2.1.4 - Integer Overflow in TFLite Concatenation

Title source: llm

Description

TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of concatenation is vulnerable to an integer overflow issue(https://github.com/tensorflow/tensorflow/blob/7b7352a724b690b11bfaae2cd54bc3907daf6285/tensorflow/lite/kernels/concatenation.cc#L70-L76). An attacker can craft a model such that the dimensions of one of the concatenation input overflow the values of `int`. TFLite uses `int` to represent tensor dimensions, whereas TF uses `int64`. Hence, valid TF models can trigger an integer overflow when converted to TFLite format. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

References (2)

Core 2

Core References

Exploit, Patch, Third Party Advisory x_refsource_confirm

https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c84-4hx6-xmm4

Patch, Third Party Advisory x_refsource_misc

https://github.com/tensorflow/tensorflow/commit/4253f96a58486ffe84b61c0415bb234a4632ee73

Scores

CVSS v3 6.3

EPSS 0.0019

EPSS Percentile 8.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

Details

CWE

CWE-190

Status published

Products (4)

google/tensorflow < 2.1.4

pypi/tensorflow 0 - 2.1.4PyPI

pypi/tensorflow-cpu 0 - 2.1.4PyPI

pypi/tensorflow-gpu 0 - 2.1.4PyPI

Published May 14, 2021

Tracked Since Feb 18, 2026