Buffer Overflow Affecting tensorflow package, versions [, 2.1.4) [2.2.0, 2.2.3) [2.3.0, 2.3.3) [2.4.0, 2.4.2)
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PYTHON-TENSORFLOW-1296180
- published 21 May 2021
- disclosed 21 May 2021
- credit Unknown
How to fix?
Upgrade tensorflow
to version 2.1.4, 2.2.3, 2.3.3, 2.4.2 or higher.
Overview
tensorflow is a machine learning framework.
Affected versions of this package are vulnerable to Buffer Overflow. If the splits
argument of RaggedBincount
does not specify a valid SparseTensor
, then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the splits
tensor buffer in the implementation of the RaggedBincount
op. Before the for
loop, batch_idx
is set to 0. The user controls the splits
array, making it contain only one element, 0. Thus, the code in the while
loop would increment batch_idx
and then try to read splits(1)
, which is outside of bounds.