Login Sign Up

CVE-2021-41212

7.1 HIGH

📋 TL;DR

This vulnerability in TensorFlow allows attackers to trigger an out-of-bounds read in the tf.ragged.cross function, potentially leading to memory disclosure or application crashes. It affects TensorFlow versions before the patched releases, impacting any system using vulnerable TensorFlow code for machine learning tasks.

💻 Affected Systems

Products:
  • TensorFlow
Versions: TensorFlow 2.4.0 to 2.4.3, 2.5.0 to 2.5.1, 2.6.0, and earlier affected versions
Operating Systems: All operating systems running TensorFlow
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using tf.ragged.cross function; other TensorFlow functionality is not vulnerable

📦 What is this software?

Tensorflow by Google

View all CVEs affecting Tensorflow →

Tensorflow by Google

View all CVEs affecting Tensorflow →

Tensorflow by Google

View all CVEs affecting Tensorflow →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Memory corruption leading to remote code execution or sensitive data disclosure from TensorFlow process memory

🟠

Likely Case

Application crash (denial of service) or limited memory disclosure

🟢

If Mitigated

No impact if patched or workarounds applied; isolated crashes if unpatched but with proper sandboxing

🌐 Internet-Facing: MEDIUM - Exploitation requires specific API calls but could be triggered via ML model inputs
🏢 Internal Only: MEDIUM - Internal ML pipelines using tf.ragged.cross could be vulnerable to crashes

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires crafting specific inputs to tf.ragged.cross; no public exploits known

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: TensorFlow 2.7.0, 2.6.1, 2.5.2, or 2.4.4

Vendor Advisory: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g

Restart Required: No

Instructions:

1. Update TensorFlow using pip: pip install --upgrade tensorflow==2.7.0 (or appropriate patched version). 2. Verify installation with: python -c 'import tensorflow as tf; print(tf.__version__)'

🔧 Temporary Workarounds

Avoid tf.ragged.cross usage

all

Temporarily disable or avoid using the vulnerable tf.ragged.cross function

# Review code for tf.ragged.cross usage and replace with alternative functions

🧯 If You Can't Patch

  • Implement input validation/sanitization for tf.ragged.cross inputs
  • Run TensorFlow in sandboxed/isolated environments to limit potential impact

🔍 How to Verify

Check if Vulnerable:

Check TensorFlow version and if tf.ragged.cross is used in your codebase

Check Version:

python -c 'import tensorflow as tf; print(tf.__version__)'

Verify Fix Applied:

Verify TensorFlow version is 2.7.0, 2.6.1, 2.5.2, or 2.4.4+ and test tf.ragged.cross functionality

📡 Detection & Monitoring

Log Indicators:

  • TensorFlow segmentation faults
  • Memory access violation errors in application logs

Network Indicators:

  • Unusual ML model inference requests targeting tf.ragged.cross endpoints

SIEM Query:

source="tensorflow" AND ("segmentation fault" OR "memory violation" OR "out of bounds")

📊 Metadata

CVE ID: CVE-2021-41212
CVSS v3 Score: 7.1 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE: CWE-125
Published: November 5, 2021
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-41212, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)