Learn about CVE-2021-37643, a TensorFlow vulnerability leading to null pointer dereference in `MatrixDiagPartOp`. Find out the impact, affected versions, and mitigation steps.
Understanding CVE-2021-37643
This CVE involves a null pointer dereference in `MatrixDiagPartOp` in TensorFlow, affecting versions >= 2.3.4, < 2.5.1.
What is CVE-2021-37643?
TensorFlow's `tf.raw_ops.MatrixDiagPartOp` triggers a null pointer dereference if a user does not provide a valid padding value, leading to invalid behavior in the presence of empty input.
The Impact of CVE-2021-37643
With a CVSS base score of 7.7 (High Severity), this vulnerability can result in a denial of service due to a null pointer dereference in specific TensorFlow versions.
Technical Details of CVE-2021-37643
This section outlines the specific details related to the vulnerability.
Vulnerability Description
The issue arises from reading the first value from a tensor buffer without verifying the availability of values, potentially causing a null pointer dereference.
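The unchecked read described above, next to a guarded one, as an added example that is not TensorFlow's code or the patch itself. `ToyTensor`, `ReadPaddingUnchecked` and `ReadPaddingChecked` are hypothetical names, and requiring exactly one element is this example's assumption about what a valid padding value is.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Hypothetical stand-in for a tensor: when it holds no elements there is no
// backing buffer, so data() returns nullptr.
struct ToyTensor {
  std::vector<float> values;
  std::size_t NumElements() const { return values.size(); }
  const float* data() const { return values.empty() ? nullptr : values.data(); }
};

struct PaddingResult {
  bool ok;            // false when the padding tensor was rejected
  float value;        // only meaningful when ok is true
  std::string error;  // reason for rejection, empty when ok is true
};

// Vulnerable pattern: reads the first value without checking that one exists.
// With an empty tensor this dereferences a null pointer.
float ReadPaddingUnchecked(const ToyTensor& padding) {
  return padding.data()[0];
}

// Hardened pattern: validate the element count before touching the buffer
// (exactly one element is an assumption of this example).
PaddingResult ReadPaddingChecked(const ToyTensor& padding) {
  if (padding.NumElements() != 1) {
    return {false, 0.0f,
            "padding value must have exactly one element, got " +
                std::to_string(padding.NumElements())};
  }
  return {true, padding.data()[0], ""};
}

int main() {
  ToyTensor scalar{{0.5f}};  // constructed sample: a valid one-element padding
  ToyTensor empty{};         // constructed sample: the empty input case
  std::cout << "unchecked, valid input: " << ReadPaddingUnchecked(scalar) << "\n";
  PaddingResult good = ReadPaddingChecked(scalar);
  std::cout << "checked, valid input: ok=" << good.ok << " value=" << good.value << "\n";
  PaddingResult bad = ReadPaddingChecked(empty);
  std::cout << "checked, empty input: ok=" << bad.ok << " error=" << bad.error << "\n";
  return 0;
}
```

The checked version turns the crash into a reportable input error, so a malformed request fails on its own instead of taking the serving process down.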
Affected Systems and Versions
Affected versions include TensorFlow >= 2.5.0, < 2.5.1, TensorFlow >= 2.4.0, < 2.4.3, and TensorFlow < 2.3.4.
Exploitation Mechanism
The vulnerability can be exploited by not providing valid padding to `MatrixDiagPartOp`, which triggers the null pointer dereference.
Mitigation and Prevention
Protecting systems from CVE-2021-37643 involves immediate actions and long-term security practices.
Immediate Steps to Take
Users are advised to update to TensorFlow 2.5.1 or 2.4.3, or to apply GitHub commit 482da92095c4d48f8784b1f00dda4f81c28d2988, to mitigate the vulnerability.
Long-Term Security Practices
Regularly update TensorFlow instances, follow security advisories, and implement secure coding practices to prevent similar vulnerabilities.
Patching and Updates
The issue has been patched in commit 482da92095c4d48f8784b1f00dda4f81c28d2988 and will be included in future TensorFlow versions.