CVE-2021-37646: Incorrect Conversion between Numeric Types
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.raw_ops.StringNGrams is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The implementation calls reserve on a tstring with a value that can be negative if the user supplies negative ngram_widths. The reserve method calls TF_TString_Reserve, which has an unsigned long argument for the size of the buffer. Hence, the implicit conversion transforms the negative value into a large integer.
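The following C++ sketch is an added illustration, not TensorFlow's code: it reproduces the signed-to-unsigned conversion the advisory describes on a stand-in size computation and places the input validation a hardened version would need before the size ever reaches reserve. The token length, separator length and the "width must be at least 1" rule are assumptions chosen for the demonstration.

```cpp
#include <cstddef>
#include <cstdint>
#include <initializer_list>
#include <iostream>
#include <optional>
#include <string>

// Byte count for an n-gram built from `ngram_width` tokens of `token_len`
// bytes each, joined by `ngram_width - 1` separators of `sep_len` bytes.
// The arithmetic is signed, as in the vulnerable path, and the result is
// handed to an unsigned size parameter, which is where a negative width
// silently becomes a huge buffer size (assumed stand-in, not TF's code).
std::size_t unchecked_reserve_size(int ngram_width, std::size_t token_len,
                                   std::size_t sep_len) {
    std::int64_t bytes = static_cast<std::int64_t>(ngram_width) *
                             static_cast<std::int64_t>(token_len) +
                         static_cast<std::int64_t>(ngram_width - 1) *
                             static_cast<std::int64_t>(sep_len);
    return static_cast<std::size_t>(bytes);  // the implicit conversion
}

// Hardened variant (our own check, not TensorFlow's fix): reject widths
// below 1 before any conversion, so reserve() never sees a wrapped value.
std::optional<std::size_t> checked_reserve_size(int ngram_width,
                                                std::size_t token_len,
                                                std::size_t sep_len) {
    if (ngram_width < 1) return std::nullopt;
    const std::size_t w = static_cast<std::size_t>(ngram_width);
    return w * token_len + (w - 1) * sep_len;
}

// True when the unchecked computation produced a wrapped size: anything in
// the upper half of size_t can only have come from a negative value here.
bool size_has_wrapped(int ngram_width, std::size_t token_len, std::size_t sep_len) {
    return unchecked_reserve_size(ngram_width, token_len, sep_len) > SIZE_MAX / 2;
}

int main() {
    for (int width : {2, 0, -1}) {
        std::cout << "ngram_width=" << width << " unchecked="
                  << unchecked_reserve_size(width, 3, 1);
        auto checked = checked_reserve_size(width, 3, 1);
        std::cout << " checked="
                  << (checked ? std::to_string(*checked) : "rejected") << '\n';
    }
    std::string buf;
    if (auto n = checked_reserve_size(2, 3, 1)) buf.reserve(*n);  // validated path
    return 0;
}
```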