CVE-2021-29563
published 2021-05-14CVE-2021-29563: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tensorflow | — | — |
| tensorflow | < 2.1.4 | 2.1.4 | |
| tensorflow | >= 2.2.0 < 2.2.3 | 2.2.3 | |
| tensorflow | >= 2.3.0 < 2.3.3 | 2.3.3 | |
| tensorflow | >= 2.4.0 < 2.4.2 | 2.4.2 | |
| intel | optimization_for_tensorflow | >= 0 < 31bd5026304677faa8a0b77602c6154171b9aec1 | 31bd5026304677faa8a0b77602c6154171b9aec1 |
| intel | optimization_for_tensorflow | >= 0 < 2.2.0rc0 | 2.2.0rc0 |
| intel | optimization_for_tensorflow | >= 0 < 2.1.4 | 2.1.4 |
| intel | optimization_for_tensorflow | >= 2.2.0 < 2.3.0rc0 | 2.3.0rc0 |
| intel | optimization_for_tensorflow | >= 2.2.0 < 2.2.3 | 2.2.3 |
| intel | optimization_for_tensorflow | >= 2.3.0 < 2.3.4 | 2.3.4 |
| intel | optimization_for_tensorflow | >= 2.3.0 < 2.3.3 | 2.3.3 |
| intel | optimization_for_tensorflow | >= 2.4.0 < 2.4.3 | 2.4.3 |
| intel | optimization_for_tensorflow | >= 2.4.0 < 2.4.2 | 2.4.2 |
| tensorflow | tensorflow | < 2.1.4 | 2.1.4 |
| tensorflow | tensorflow | — | — |
| tensorflow | tensorflow | — | — |
| tensorflow | tensorflow | — | — |
Debian
CVE-2021-29563: tensorflow - TensorFlow is an end-to-end open source platform for machine learning. An attack...
vendor_debian·2021·CVSS 2.5
CVE-2021-29563 [LOW] CVE-2021-29563: tensorflow - TensorFlow is an end-to-end open source platform for machine learning. An attack...
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
Scope: local
forky: resolved
sid: resolved
OSV
CHECK-fail in `tf.raw_ops.RFFT`
osv·2021-05-21
CVE-2021-29563 [LOW] CHECK-fail in `tf.raw_ops.RFFT`
CHECK-fail in `tf.raw_ops.RFFT`
### Impact
An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`:
```python
import tensorflow as tf
inputs = tf.constant([1], shape=[1], dtype=tf.float32)
fft_length = tf.constant([0], shape=[1], dtype=tf.int32)
tf.raw_ops.RFFT(input=inputs, fft_length=fft_length)
```
The above example causes Eigen code to operate on an empty matrix. This triggers on an assertion and causes program termination.
### Patches
We have patched the issue in GitHub commit [31bd5026304677faa8a0b77602c6154171b9aec1](https://github.com/tensorflow/tensorflow/commit/31bd5026304677faa8a0b77602c6154171b9aec1).
The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2,
GHSA
CHECK-fail in `tf.raw_ops.RFFT`
ghsa·2021-05-21
CVE-2021-29563 [LOW] CWE-617 CHECK-fail in `tf.raw_ops.RFFT`
CHECK-fail in `tf.raw_ops.RFFT`
### Impact
An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`:
```python
import tensorflow as tf
inputs = tf.constant([1], shape=[1], dtype=tf.float32)
fft_length = tf.constant([0], shape=[1], dtype=tf.int32)
tf.raw_ops.RFFT(input=inputs, fft_length=fft_length)
```
The above example causes Eigen code to operate on an empty matrix. This triggers on an assertion and causes program termination.
### Patches
We have patched the issue in GitHub commit [31bd5026304677faa8a0b77602c6154171b9aec1](https://github.com/tensorflow/tensorflow/commit/31bd5026304677faa8a0b77602c6154171b9aec1).
The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2,
OSV
CVE-2021-29563: TensorFlow is an end-to-end open source platform for machine learning
osv·2021-05-14
CVE-2021-29563 CVE-2021-29563: TensorFlow is an end-to-end open source platform for machine learning
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/tensorflow/tensorflow/commit/31bd5026304677faa8a0b77602c6154171b9aec1https://github.com/tensorflow/tensorflow/security/advisories/GHSA-ph87-fvjr-v33whttps://github.com/tensorflow/tensorflow/commit/31bd5026304677faa8a0b77602c6154171b9aec1https://github.com/tensorflow/tensorflow/security/advisories/GHSA-ph87-fvjr-v33w
2021-05-14
Published