{"id":"GHSA-4c4g-crqm-xrxw","summary":"Use of unitialized value in TFLite","details":"### Impact\nAll TFLite operations that use quantization can be made to use unitialized values. [For example](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/depthwise_conv.cc#L198-L200):\n\n```cc\n    const auto* affine_quantization =\n        reinterpret_cast\u003cTfLiteAffineQuantization*\u003e(\n            filter-\u003equantization.params);\n```\n\nThe issue stems from the fact that `quantization.params` is only valid if `quantization.type` is different that `kTfLiteNoQuantization`. However, these checks are missing in large parts of the code.\n\n### Patches\nWe have patched the issue in GitHub commits [537bc7c723439b9194a358f64d871dd326c18887](https://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887),\n[4a91f2069f7145aab6ba2d8cfe41be8a110c18a5](https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5) and [8933b8a21280696ab119b63263babdb54c298538](https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution \nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360. ","aliases":["BIT-tensorflow-2021-37682","CVE-2021-37682","PYSEC-2021-304","PYSEC-2021-595","PYSEC-2021-793"],"modified":"2026-03-13T22:15:37.687212Z","published":"2021-08-25T14:40:32Z","related":["CVE-2021-37682"],"database_specific":{"github_reviewed":true,"cwe_ids":["CWE-908"],"github_reviewed_at":"2021-08-24T16:41:39Z","severity":"MODERATE","nvd_published_at":"2021-08-12T23:15:00Z"},"references":[{"type":"WEB","url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4c4g-crqm-xrxw"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37682"},{"type":"WEB","url":"https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5"},{"type":"WEB","url":"https://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887"},{"type":"WEB","url":"https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538"},{"type":"WEB","url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-595.yaml"},{"type":"WEB","url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-793.yaml"},{"type":"WEB","url":"https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-304.yaml"},{"type":"PACKAGE","url":"https://github.com/tensorflow/tensorflow"},{"type":"WEB","url":"https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/depthwise_conv.cc#L198-L200"}],"affected":[{"package":{"name":"tensorflow","ecosystem":"PyPI","purl":"pkg:pypi/tensorflow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3.4"}]}],"versions":["0.12.0","0.12.1","1.0.0","1.0.1","1.1.0","1.10.0","1.10.1","1.11.0","1.12.0","1.12.2","1.12.3","1.13.1","1.13.2","1.14.0","1.15.0","1.15.2","1.15.3","1.15.4","1.15.5","1.2.0","1.2.1","1.3.0","1.4.0","1.4.1","1.5.0","1.5.1","1.6.0","1.7.0","1.7.1","1.8.0","1.9.0","2.0.0","2.0.1","2.0.2","2.0.3","2.0.4","2.1.0","2.1.1","2.1.2","2.1.3","2.1.4","2.2.0","2.2.1","2.2.2","2.2.3","2.3.0","2.3.1","2.3.2","2.3.3"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-4c4g-crqm-xrxw/GHSA-4c4g-crqm-xrxw.json"}},{"package":{"name":"tensorflow","ecosystem":"PyPI","purl":"pkg:pypi/tensorflow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.4.0"},{"fixed":"2.4.3"}]}],"versions":["2.4.0","2.4.1","2.4.2"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-4c4g-crqm-xrxw/GHSA-4c4g-crqm-xrxw.json"}},{"package":{"name":"tensorflow","ecosystem":"PyPI","purl":"pkg:pypi/tensorflow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.5.0"},{"fixed":"2.5.1"}]}],"versions":["2.5.0"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-4c4g-crqm-xrxw/GHSA-4c4g-crqm-xrxw.json"}},{"package":{"name":"tensorflow-cpu","ecosystem":"PyPI","purl":"pkg:pypi/tensorflow-cpu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3.4"}]}],"versions":["1.15.0","2.1.0","2.1.1","2.1.2","2.1.3","2.1.4","2.2.0","2.2.1","2.2.2","2.2.3","2.3.0","2.3.1","2.3.2","2.3.3"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-4c4g-crqm-xrxw/GHSA-4c4g-crqm-xrxw.json"}},{"package":{"name":"tensorflow-cpu","ecosystem":"PyPI","purl":"pkg:pypi/tensorflow-cpu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.4.0"},{"fixed":"2.4.3"}]}],"versions":["2.4.0","2.4.1","2.4.2"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-4c4g-crqm-xrxw/GHSA-4c4g-crqm-xrxw.json"}},{"package":{"name":"tensorflow-cpu","ecosystem":"PyPI","purl":"pkg:pypi/tensorflow-cpu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.5.0"},{"fixed":"2.5.1"}]}],"versions":["2.5.0"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-4c4g-crqm-xrxw/GHSA-4c4g-crqm-xrxw.json"}},{"package":{"name":"tensorflow-gpu","ecosystem":"PyPI","purl":"pkg:pypi/tensorflow-gpu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3.4"}]}],"versions":["0.12.0","0.12.1","1.0.0","1.0.1","1.1.0","1.10.0","1.10.1","1.11.0","1.12.0","1.12.2","1.12.3","1.13.1","1.13.2","1.14.0","1.15.0","1.15.2","1.15.3","1.15.4","1.15.5","1.2.0","1.2.1","1.3.0","1.4.0","1.4.1","1.5.0","1.5.1","1.6.0","1.7.0","1.7.1","1.8.0","1.9.0","2.0.0","2.0.1","2.0.2","2.0.3","2.0.4","2.1.0","2.1.1","2.1.2","2.1.3","2.1.4","2.2.0","2.2.1","2.2.2","2.2.3","2.3.0","2.3.1","2.3.2","2.3.3"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-4c4g-crqm-xrxw/GHSA-4c4g-crqm-xrxw.json"}},{"package":{"name":"tensorflow-gpu","ecosystem":"PyPI","purl":"pkg:pypi/tensorflow-gpu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.4.0"},{"fixed":"2.4.3"}]}],"versions":["2.4.0","2.4.1","2.4.2"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-4c4g-crqm-xrxw/GHSA-4c4g-crqm-xrxw.json"}},{"package":{"name":"tensorflow-gpu","ecosystem":"PyPI","purl":"pkg:pypi/tensorflow-gpu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.5.0"},{"fixed":"2.5.1"}]}],"versions":["2.5.0"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-4c4g-crqm-xrxw/GHSA-4c4g-crqm-xrxw.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"type":"CVSS_V4","score":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"}]}