CVE-2021-37676
📋 TL;DR
This vulnerability in TensorFlow allows attackers to cause undefined behavior by passing empty tensors to the SparseFillEmptyRows operation, potentially leading to crashes or memory corruption. It affects TensorFlow versions 2.3.4 through 2.6.0. Users running TensorFlow applications with untrusted input are at risk.
💻 Affected Systems
- TensorFlow
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution or complete system compromise through memory corruption leading to arbitrary code execution.
Likely Case
Application crash or denial of service through undefined behavior and potential memory corruption.
If Mitigated
No impact if input validation prevents empty tensors from reaching the vulnerable function.
🎯 Exploit Status
Exploitation requires crafting specific tensor inputs to trigger the null pointer dereference.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: TensorFlow 2.6.0, 2.5.1, 2.4.3, 2.3.4
Vendor Advisory: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v768-w7m9-2vmm
Restart Required: No
Instructions:
1. Update TensorFlow to a patched version: pip install --upgrade tensorflow==2.6.0 (or the appropriate patched version for your minor line).
2. Verify the fix by checking the version: python -c 'import tensorflow as tf; print(tf.__version__)'.
🔧 Temporary Workarounds
Input validation wrapper
Add validation that rejects empty tensors before they reach SparseFillEmptyRows, so the operation is never invoked on input that triggers the undefined behavior.
# Python code to wrap the vulnerable function
import tensorflow as tf

def _is_empty_tensor(x):
    # Any known dimension of size 0 means the tensor holds no elements;
    # unknown (None) dimensions are not treated as empty.
    shape = getattr(x, 'shape', None)
    return shape is not None and any(dim == 0 for dim in shape)

def safe_sparse_fill_empty_rows(*args, **kwargs):
    # tf.raw_ops wrappers only accept keyword arguments, so the check must
    # cover kwargs as well as any positional arguments a caller passes.
    for arg in list(args) + list(kwargs.values()):
        if _is_empty_tensor(arg):
            raise ValueError('Empty tensor detected in SparseFillEmptyRows input')
    return tf.raw_ops.SparseFillEmptyRows(*args, **kwargs)
🧯 If You Can't Patch
- Implement strict input validation to prevent empty tensors from reaching the SparseFillEmptyRows operation.
- Restrict access to TensorFlow applications to trusted users only and monitor for abnormal behavior.
🔍 How to Verify
Check if Vulnerable:
Check the TensorFlow version: python -c 'import tensorflow as tf; print(tf.__version__)'. If the installed version falls between 2.3.4 and 2.6.0 and is not one of the patched releases, you are vulnerable.
Check Version:
python -c 'import tensorflow as tf; print(tf.__version__)'
Verify Fix Applied:
After updating, verify version is 2.6.0, 2.5.1, 2.4.3, or 2.3.4 (patched). Test with sample code that previously triggered the issue.
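The version checks above can be scripted so that a fleet-wide inventory does not depend on reading version strings by eye. The following is an added example, not code from the advisory or from the TensorFlow project; it encodes only the patched releases listed under Official Fix (2.3.4, 2.4.3, 2.5.1, 2.6.0). Two assumptions not stated on this page are made explicit in the code: releases older than 2.3.4 (including 1.x) are treated as unpatched, and pre-release suffixes such as "-rc1" are ignored when comparing.

```python
import re

# First patched release on each affected 2.x minor line, as listed in the
# advisory's Official Fix section. 2.6.0 and later are treated as fixed.
PATCHED_RELEASES = {
    3: (2, 3, 4),
    4: (2, 4, 3),
    5: (2, 5, 1),
    6: (2, 6, 0),
}

# Leading major.minor.patch only; a suffix like "-rc1" is ignored (assumption).
_VERSION_RE = re.compile(r'^(\d+)\.(\d+)\.(\d+)')


def parse_version(version):
    """Return (major, minor, patch) from strings such as '2.5.0' or '2.4.3-rc1'."""
    m = _VERSION_RE.match(version.strip())
    if m is None:
        raise ValueError(f'unrecognised TensorFlow version string: {version!r}')
    return tuple(int(x) for x in m.groups())


def is_vulnerable(version):
    """True when the release predates the fix on its minor line.

    Assumption (not on the advisory page): anything older than 2.3.4,
    including TensorFlow 1.x, is treated as unpatched; 2.7+ as patched.
    """
    major, minor, patch = parse_version(version)
    if major < 2 or (major == 2 and minor < 3):
        return True
    if major > 2 or minor >= 6:
        return False
    return (major, minor, patch) < PATCHED_RELEASES[minor]


def check_installed():
    """Inspect the TensorFlow installed in this interpreter, if any.

    Returns True (vulnerable), False (patched), or None when TensorFlow
    is not importable.
    """
    try:
        import tensorflow as tf
    except ImportError:
        return None
    return is_vulnerable(tf.__version__)


if __name__ == '__main__':
    state = check_installed()
    if state is None:
        print('TensorFlow is not installed in this environment')
    else:
        print('VULNERABLE' if state else 'patched')
```

Run it inside each virtualenv or container image that ships TensorFlow; the exit path prints one word per environment, which is easy to collect centrally.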
📡 Detection & Monitoring
Log Indicators:
- Application crashes with segmentation faults or memory errors
- Error logs mentioning SparseFillEmptyRows with empty tensors
Network Indicators:
- Unusual data patterns being sent to TensorFlow applications
SIEM Query:
source="tensorflow" AND ("segmentation fault" OR "memory error" OR "SparseFillEmptyRows")
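The SIEM query above can be applied offline to exported logs when no SIEM is in the loop. This added example (not from the advisory) mirrors the query's three indicators and its source filter in plain Python; the log lines are constructed for the example, and the "source=<name> <message>" layout is an assumption about how the export is formatted.

```python
import re

# Constructed sample log lines (not captured from any real system),
# assumed to be exported as "source=<name> <message>".
SAMPLE_LOGS = [
    'source=tensorflow Segmentation fault (core dumped) in worker-3',
    'source=tensorflow InvalidArgumentError: SparseFillEmptyRows received empty indices tensor',
    'source=tensorflow Epoch 3/10 loss=0.412',
    'source=nginx 10.0.0.5 - - "POST /predict HTTP/1.1" 500',
    'source=tensorflow Memory error: bad_alloc while allocating output',
]

# Indicators taken from the advisory's SIEM query. Matching is
# case-insensitive so "Segmentation fault" and "segmentation fault" both hit.
INDICATORS = {
    'segfault': re.compile(r'segmentation fault', re.IGNORECASE),
    'memory_error': re.compile(r'memory error', re.IGNORECASE),
    'sparse_fill_empty_rows': re.compile(r'SparseFillEmptyRows', re.IGNORECASE),
}

_SOURCE_RE = re.compile(r'^source=(\S+)\s+(.*)$')


def match_indicators(line, source='tensorflow'):
    """Return the indicator names that fire on one line from the given source.

    Lines from other sources, or lines that do not follow the assumed
    layout, never match, which is the AND in the original query.
    """
    m = _SOURCE_RE.match(line)
    if m is None or m.group(1) != source:
        return []
    message = m.group(2)
    return [name for name, pattern in INDICATORS.items() if pattern.search(message)]


def scan_logs(lines, source='tensorflow'):
    """Group matching lines by indicator name for triage."""
    hits = {name: [] for name in INDICATORS}
    for line in lines:
        for name in match_indicators(line, source):
            hits[name].append(line)
    return hits


if __name__ == '__main__':
    for name, lines in scan_logs(SAMPLE_LOGS).items():
        print(f'{name}: {len(lines)} hit(s)')
        for line in lines:
            print('   ', line)
```

A run over the constructed lines reports one hit per indicator and ignores the training-progress line and the nginx line; the segfault and memory-error indicators are generic crash signals, so treat a SparseFillEmptyRows hit as the higher-confidence signal when correlating.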
🔗 References
- https://github.com/tensorflow/tensorflow/commit/578e634b4f1c1c684d4b4294f9e5281b2133b3ed
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v768-w7m9-2vmm