CVE-2021-37647
📋 TL;DR
This vulnerability in TensorFlow allows attackers to cause a null pointer dereference by providing empty sparse tensor arguments to the SparseTensorSliceDataset operation. This can lead to denial of service or potentially arbitrary code execution. Users of TensorFlow who process untrusted data with sparse tensor operations are affected.
💻 Affected Systems
- TensorFlow
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system compromise if combined with other vulnerabilities, or denial of service causing application crashes.
Likely Case
Denial of service through application crashes when processing malicious sparse tensor inputs.
If Mitigated
Minimal impact if proper input validation and sandboxing are implemented at the application layer.
🎯 Exploit Status
Exploitation requires crafting specific sparse tensor inputs; no public exploit code is known.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: TensorFlow 2.6.0, 2.5.1, 2.4.3, 2.3.4
Vendor Advisory: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c5x2-p679-95wc
Restart Required: No
Instructions:
1. Update TensorFlow to a patched version using pip: pip install --upgrade tensorflow==2.6.0
2. Verify the installation with: python -c 'import tensorflow as tf; print(tf.__version__)'
🔧 Temporary Workarounds
Input validation wrapper
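Add validation to ensure sparse tensors have valid indices and values before passing them to SparseTensorSliceDataset
# Python code to validate sparse tensor components before calling the op
import tensorflow as tf

def safe_sparse_tensor_slice_dataset(indices, values, dense_shape):
    # Convert first so plain lists and NumPy arrays are accepted too.
    indices = tf.convert_to_tensor(indices, dtype=tf.int64)
    values = tf.convert_to_tensor(values)
    # Compare element counts, not shape[0]: indices of shape (1, 0) are also empty.
    if int(tf.size(indices)) == 0 or int(tf.size(values)) == 0:
        raise ValueError('Empty sparse tensor indices or values not allowed')
    return tf.raw_ops.SparseTensorSliceDataset(indices=indices, values=values, dense_shape=dense_shape)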
🧯 If You Can't Patch
- Implement strict input validation for all sparse tensor operations
- Isolate TensorFlow processing in containers with limited privileges
🔍 How to Verify
Check if Vulnerable:
Check the TensorFlow version: python -c 'import tensorflow as tf; print(tf.__version__)' - if the version is between 2.3.0 and 2.5.0 inclusive and is not one of the patched releases listed under Official Fix, the system is vulnerable.
Check Version:
python -c 'import tensorflow as tf; print(tf.__version__)'
Verify Fix Applied:
After patching, verify that the version is 2.6.0, 2.5.1, 2.4.3, or 2.3.4 using the same command.
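Added example (not from the advisory or the TensorFlow project): a script form of the version check that compares a version string with the fixed release for its minor branch, using the patch versions listed under Official Fix. It reads package metadata instead of importing TensorFlow; the distribution names it tries and its handling of pre-releases and of versions below 2.3.0 are assumptions of this example.

```python
import re
from importlib import metadata

# Fixed patch release per minor branch, from the "Patch Version" line on this page.
FIXED = {(2, 3): 4, (2, 4): 3, (2, 5): 1, (2, 6): 0}
LOWEST_LISTED = (2, 3)  # this page gives no information below 2.3.0

def parse_version(text):
    """Split '2.5.0', '2.6.0rc1' or '2.5.1+cpu' into ((2, 5, 0), is_prerelease)."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)(.*)$", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    release = tuple(int(g) for g in m.groups()[:3])
    prerelease = bool(re.match(r"[-.]?(a|b|rc|dev)", m.group(4)))
    return release, prerelease

def classify(version_text):
    """Return 'vulnerable', 'fixed' or 'unlisted' for CVE-2021-37647."""
    (major, minor, patch), prerelease = parse_version(version_text)
    branch = (major, minor)
    if branch < LOWEST_LISTED:
        return "unlisted"  # assumption: report rather than guess; see the advisory
    if branch > max(FIXED):
        return "fixed"
    # Assumption: a pre-release of the fixed version sorts before it, so it
    # is not counted as fixed (2.6.0rc1 < 2.6.0).
    if (patch, not prerelease) < (FIXED[branch], True):
        return "vulnerable"
    return "fixed"

def installed_version(names=("tensorflow", "tensorflow-cpu", "tensorflow-gpu")):
    """Return (distribution, version) from package metadata, or None.

    The distribution names are an assumption of this example; add any
    others your environment uses.
    """
    for name in names:
        try:
            return name, metadata.version(name)
        except metadata.PackageNotFoundError:
            continue
    return None

if __name__ == "__main__":
    found = installed_version()
    if found is None:
        print("no TensorFlow distribution found in this environment")
    else:
        print(f"{found[0]} {found[1]}: {classify(found[1])}")
```

Run it inside each virtual environment or container image that ships TensorFlow, since each one can pin a different release.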
📡 Detection & Monitoring
Log Indicators:
- Application crashes with segmentation faults or null pointer exceptions
- Error logs mentioning SparseTensorSliceDataset failures
Network Indicators:
- Unusual patterns of sparse tensor data being sent to TensorFlow services
SIEM Query:
source='tensorflow' AND (error='segmentation fault' OR error='null pointer' OR message='*SparseTensorSliceDataset*')
🔗 References
- https://github.com/tensorflow/tensorflow/commit/02cc160e29d20631de3859c6653184e3f876b9d7
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c5x2-p679-95wc