CVE-2021-37655

Advisory

Tensorflow-rocm 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37655: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to 'tf.raw_ops.ResourceScatterUpdate'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L919-L923) has an incomplete validation of the relationship between the shapes of 'indices' and 'updates': instead of checking that the shape of 'indices' is a prefix of the shape of 'updates' (so that broadcasting can happen), code only checks that the number of elements in these two tensors are in a divisibility relationship. The Tensorflow team has patched the issue in GitHub commit 01cff3f986259d661103412a20745928c727326f.

Affected package

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7fvx-3jfc-2cpc
• https://github.com/tensorflow/tensorflow/commit/01cff3f986259d661103412a20745928c727326f
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37655