{"id":"CVE-2021-37682","details":"TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can be made to use uninitialized values. [For example](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/depthwise_conv.cc#L198-L200). The issue stems from the fact that `quantization.params` is only valid if `quantization.type` is different than `kTfLiteNoQuantization`. However, these checks are missing in large parts of the code. We have patched the issue in GitHub commits 537bc7c723439b9194a358f64d871dd326c18887, 4a91f2069f7145aab6ba2d8cfe41be8a110c18a5 and 8933b8a21280696ab119b63263babdb54c298538. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.","aliases":["BIT-tensorflow-2021-37682","GHSA-4c4g-crqm-xrxw","PYSEC-2021-304","PYSEC-2021-595","PYSEC-2021-793"],"modified":"2026-04-11T16:26:16.073865Z","published":"2021-08-12T23:15:08.390Z","related":["GHSA-4c4g-crqm-xrxw","openSUSE-SU-2022:10014-1","openSUSE-SU-2024:12116-1"],"references":[{"type":"ADVISORY","url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4c4g-crqm-xrxw"},{"type":"FIX","url":"https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5"},{"type":"FIX","url":"https://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887"},{"type":"FIX","url":"https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tensorflow/tensorflow","events":[{"introduced":"b36436b087bd8e8701ef51718179037cccdfc26e"},{"fixed":"7462dcaae1e8cfe1dfd0c62dd6083f9749a9d827"},{"introduced":"582c8d236cb079023657287c318ff26adb239002"},{"fixed":"4c0b84bf2a714bcdd18da1f1f94d533d72399d52"},{"i
ntroduced":"0"},{"last_affected":"a4dfb8d1a71385bd6d122e4f27f86dcebb96712d"},{"introduced":"0"},{"last_affected":"a5317d67e6ce6e93de18011bfdcdd4ff7aa894cf"},{"introduced":"0"},{"last_affected":"79f2d3a179ac6ea6b4c3d07b6849afad4e8730cd"},{"introduced":"0"},{"last_affected":"5368d50428b30b7c9ccd038aec65d09252d16596"},{"fixed":"4a91f2069f7145aab6ba2d8cfe41be8a110c18a5"},{"fixed":"537bc7c723439b9194a358f64d871dd326c18887"},{"fixed":"8933b8a21280696ab119b63263babdb54c298538"}],"database_specific":{"versions":[{"introduced":"2.3.0"},{"fixed":"2.3.4"},{"introduced":"2.4.0"},{"fixed":"2.4.3"},{"introduced":"0"},{"last_affected":"2.5.0"},{"introduced":"0"},{"last_affected":"2.6.0-rc0"},{"introduced":"0"},{"last_affected":"2.6.0-rc1"},{"introduced":"0"},{"last_affected":"2.6.0-rc2"}]}}],"versions":["0.5.0","0.6.0","v1.1.0-rc1","v1.1.0-rc2","v1.12.1","v1.6.0-rc1","v1.9.0-rc2","v2.3.0","v2.3.1","v2.3.2","v2.3.3","v2.4.0","v2.4.1","v2.4.2","v2.5.0","v2.5.0-rc0","v2.5.0-rc1","v2.5.0-rc2","v2.5.0-rc3","v2.6.0-rc0","v2.6.0-rc1","v2.6.0-rc2"],"database_specific":{"vanir_signatures":[{"id":"CVE-2021-37682-19a22dd8","deprecated":false,"target":{"file":"tensorflow/lite/kernels/unidirectional_sequence_lstm.cc"},"signature_type":"Line","source":"https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5","signature_version":"v1","digest":{"line_hashes":["7440970209546815505108574224335915766","289228390789262120964198350171036451934","178299282040712775987615130438989458340","339679172152280146636858840907386247935","157243637482430417441545842130104104959","100046886174609522381984083873442141844","203526503650303551201029318832412833916","145739016148654751369601556371772170412","56351524074353220174472935832872247465","43887104110698686301837452352901593126","251757078923024656285455457580210319660","336799296180172673672172672535376495237","99677249298953833768107270114241618342","37468892159900445872768491469670413096","181495940270344708086105417339164
967943","11961904636848955661137604320110969319","323132364002612901809775586534793662709"],"threshold":0.9}},{"id":"CVE-2021-37682-35fa95db","deprecated":false,"target":{"file":"tensorflow/lite/kernels/depthwise_conv.cc"},"signature_type":"Line","source":"https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538","signature_version":"v1","digest":{"line_hashes":["138269880239765134982444528225961485487","281957078064200027425136853801733622467","64932240666871905396331142478735368387","41536503977427223682044133887533590369","2762147040504501512349809088185451695","121552092614269428820137499061484798539","186287551362289775216431540182155413417","10786984281098133597584345173936635926","63123936725946969531180821686134261653","246805977689749908939191409014443872087","291451516082816589936924752010076669125","8837040242218694641698824316513669353"],"threshold":0.9}},{"id":"CVE-2021-37682-3a00236e","deprecated":false,"target":{"file":"tensorflow/lite/kernels/depthwise_conv.cc","function":"EvalHybridPerChannel"},"signature_type":"Function","source":"https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538","signature_version":"v1","digest":{"function_hash":"64663185004761799010438763046534651364","length":2387}},{"id":"CVE-2021-37682-613236f7","deprecated":false,"target":{"file":"tensorflow/lite/kernels/svdf.cc"},"signature_type":"Line","source":"https://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887","signature_version":"v1","digest":{"line_hashes":["251678184988760506119570617856943077602","96028089168129468480733784138207319780","206161579350164089448286926466803288200","69008098661117488507277591248021020417","210938701036288702363855349490255376324","283048774340724746520139326930594104544","105618668709466217276159733640012048809","121936318193007732775642270980337709331","140289007449253926492484768295059685650","256869882914575070959982598421899059276","100765556
484039192579184371215127255159"],"threshold":0.9}},{"id":"CVE-2021-37682-64717c18","deprecated":false,"target":{"file":"tensorflow/lite/kernels/unidirectional_sequence_lstm.cc","function":"PopulatePrecomputedZPTimesWeightsWithBias"},"signature_type":"Function","source":"https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5","signature_version":"v1","digest":{"function_hash":"185109233487065727847356531918468503449","length":3229}},{"id":"CVE-2021-37682-91b3662b","deprecated":false,"target":{"file":"tensorflow/lite/kernels/unidirectional_sequence_lstm.cc","function":"PopulateQuantizedLstmParams8x8_16"},"signature_type":"Function","source":"https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5","signature_version":"v1","digest":{"function_hash":"211027057744197061863497483170586030987","length":7874}},{"id":"CVE-2021-37682-dcf3d8b2","deprecated":false,"target":{"file":"tensorflow/lite/kernels/svdf.cc","function":"Prepare"},"signature_type":"Function","source":"https://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887","signature_version":"v1","digest":{"function_hash":"122186058277500859490914053197639802403","length":5503}},{"id":"CVE-2021-37682-f4cf5c80","deprecated":false,"target":{"file":"tensorflow/lite/kernels/depthwise_conv.cc","function":"Prepare"},"signature_type":"Function","source":"https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538","signature_version":"v1","digest":{"function_hash":"29055977934307684731821865276269329452","length":5481}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-37682.json","vanir_signatures_modified":"2026-04-11T16:26:16Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}]}