Learn about CVE-2021-29608 affecting TensorFlow versions below 2.1.4, between 2.2.0 and 2.2.3, between 2.3.0 and 2.3.3, and between 2.4.0 and 2.4.2. Discover the impact, technical details, and mitigation strategies.
TensorFlow is an end-to-end open source platform for machine learning. This vulnerability (GHSA-rgvq-pcvf-hx75) arises from a lack of validation in tf.raw_ops.RaggedTensorToTensor. An attacker can trigger undefined behavior if the input arguments are empty, because the implementation checks only that one of the tensors is not empty. TensorFlow versions below 2.1.4, between 2.2.0 and 2.2.3, between 2.3.0 and 2.3.3, and between 2.4.0 and 2.4.2 are affected. The fix is included in TensorFlow 2.5.0, with backports to other affected versions.
Understanding CVE-2021-29608
This section covers the details of the vulnerability discovered in RaggedTensorToTensor in TensorFlow.
What is CVE-2021-29608?
CVE-2021-29608 is a CWE-131 (incorrect calculation of buffer size) vulnerability that can lead to heap out-of-bounds access and a null pointer dereference.
The Impact of CVE-2021-29608
With a CVSS base score of 5.3, this vulnerability has a medium severity rating. The availability impact is high; the attack is executed locally and requires low privileges. The integrity impact is low, while confidentiality remains unaffected.
Technical Details of CVE-2021-29608
Explore the technical aspects of the RaggedTensorToTensor vulnerability within TensorFlow.
Vulnerability Description
The vulnerability stems from inadequate validation in the RaggedTensorToTensor function, enabling attackers to trigger undefined behavior with empty input arguments.
Affected Systems and Versions
The following TensorFlow versions are affected by this vulnerability: < 2.1.4; >= 2.2.0, < 2.2.3; >= 2.3.0, < 2.3.3; and >= 2.4.0, < 2.4.2.
Exploitation Mechanism
By exploiting the lack of input argument validation in RaggedTensorToTensor, attackers can cause heap out-of-bounds access and a null pointer dereference, impacting the system's integrity.
Mitigation and Prevention
Discover the necessary steps to mitigate and prevent the CVE-2021-29608 vulnerability.
Immediate Steps to Take
Users should update TensorFlow to version 2.5.0 to apply the necessary fixes. For the affected release lines, backports addressing the vulnerability have been provided in 2.4.2, 2.3.3, 2.2.3, and 2.1.4.
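To find deployments that still need the update, the following added example (not code from TensorFlow or from the advisory) checks pinned versions in a requirements-style file against the ranges listed under Affected Systems and Versions. The package names other than tensorflow, the sample file contents, and the handling of pre-release suffixes are assumptions.

```python
import re

# Affected ranges from "Affected Systems and Versions":
# (inclusive lower bound or None, exclusive upper bound).
AFFECTED = [
    (None, (2, 1, 4)),
    ((2, 2, 0), (2, 2, 3)),
    ((2, 3, 0), (2, 3, 3)),
    ((2, 4, 0), (2, 4, 2)),
]
# Assumption: the CPU/GPU distributions are versioned like "tensorflow".
PACKAGES = {"tensorflow", "tensorflow-cpu", "tensorflow-gpu"}

# Constructed sample input, not taken from any real project.
SAMPLE = """\
numpy==1.19.5
tensorflow==2.3.1  # direct pin
tensorflow-gpu==2.4.2
tensorflow-estimator==2.4.0
tensorflow>=2.2
"""

def release_tuple(version):
    """Numeric X.Y.Z part only; rc/dev/local suffixes are ignored (assumption)."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(int(g or 0) for g in m.groups())

def is_affected(version):
    """True if the version falls inside one of the affected ranges."""
    v = release_tuple(version)
    return any((lo is None or v >= lo) and v < hi for lo, hi in AFFECTED)

def audit_pins(requirements_text):
    """Return (line_no, package, version, status) for each TensorFlow entry.
    status: 'affected', 'ok', or 'unpinned' (no exact pin, review manually)."""
    findings = []
    for n, raw in enumerate(requirements_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        m = re.match(r"([A-Za-z0-9_.-]+)\s*(?:==\s*([^\s;,]+))?", line)
        name = m.group(1).lower().replace("_", "-") if m else None
        if name not in PACKAGES:
            continue
        ver = m.group(2)
        status = "unpinned" if ver is None else "affected" if is_affected(ver) else "ok"
        findings.append((n, name, ver, status))
    return findings

if __name__ == "__main__":
    print(*audit_pins(SAMPLE), sep="\n")
```

Entries reported as unpinned use a range specifier or no version at all, so the installed version has to be checked in the environment itself.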
Long-Term Security Practices
Maintain regular updates and patches on TensorFlow to prevent the exploitation of vulnerabilities, ensuring the security of machine learning applications.
Patching and Updates
Stay informed on security advisories and commit updates from TensorFlow to promptly address any future vulnerabilities.