| Vulnerability Name: | CVE-2021-37648 (CCN-207549) | ||||||||||||
| Assigned: | 2021-08-11 | ||||||||||||
| Published: | 2021-08-11 | ||||||||||||
| Updated: | 2021-08-18 | ||||||||||||
| Summary: | TensorFlow is an end-to-end open source platform for machine learning. In affected versions the code for `tf.raw_ops.SaveV2` does not properly validate the inputs and an attacker can trigger a null pointer dereference. The [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/save_restore_v2_ops.cc) uses `ValidateInputs` to check that the input arguments are valid. This validation would have caught the illegal state represented by the reproducer above. However, the validation uses `OP_REQUIRES` which translates to setting the `Status` object of the current `OpKernelContext` to an error status, followed by an empty `return` statement which just terminates the execution of the function it is present in. However, this does not mean that the kernel execution is finalized: instead, execution continues from the next line in `Compute` that follows the call to `ValidateInputs`. This is equivalent to lacking the validation. We have patched the issue in GitHub commit 9728c60e136912a12d99ca56e106b7cce7af5986. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range. | ||||||||||||
| CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) 6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||
| Vulnerability Type: | CWE-476 | ||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2021-37648 Source: XF Type: UNKNOWN tensorflow-cve202137648-dos(207549) Source: MISC Type: Patch, Third Party Advisory https://github.com/tensorflow/tensorflow/commit/9728c60e136912a12d99ca56e106b7cce7af5986 Source: CCN Type: TensorFlow GIT Repository Incorrect validation of SaveV2 inputs Source: CONFIRM Type: Third Party Advisory https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wp77-4gmm-7cq8 Source: CCN Type: IBM Security Bulletin 6523816 (Watson Discovery) IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in TensorFlow | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||