CVE-2021-37676
HIGH
TensorFlow 2.3.0-2.3.3 - Access of Uninitialized Pointer in SparseFillEmptyRows
Title source: llm
Description
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.SparseFillEmptyRows`. The shape inference [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/ops/sparse_ops.cc#L608-L634) does not validate that the input arguments are not empty tensors. We have patched the issue in GitHub commit 578e634b4f1c1c684d4b4294f9e5281b2133b3ed. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.
References (2)
Core References
Third Party Advisory x_refsource_confirm
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v768-w7m9-2vmm
Patch, Third Party Advisory x_refsource_misc
https://github.com/tensorflow/tensorflow/commit/578e634b4f1c1c684d4b4294f9e5281b2133b3ed
Scores
CVSS v3
7.8
EPSS
0.0017
EPSS Percentile
7.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-824
Status
published
Products (6)
google/tensorflow
2.5.0
google/tensorflow
2.6.0 rc0 (3 CPE variants)
google/tensorflow
2.3.0 - 2.3.4
pypi/tensorflow
0 - 2.3.4 (PyPI)
pypi/tensorflow-cpu
0 - 2.3.4 (PyPI)
pypi/tensorflow-gpu
0 - 2.3.4 (PyPI)
Published
Aug 12, 2021
Tracked Since
Feb 18, 2026