{"id":"PYSEC-2021-449","details":"TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from the standard library as `std::vector` invariants are broken. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/8f7b60ee8c0206a2c99802e3a4d1bb55d2bc0624/tensorflow/core/kernels/count_ops.cc#L199-L213) assumes the first element of the dense shape is always positive and uses it to initialize a `BatchedMap\u003cT\u003e` (i.e., `std::vector\u003cabsl::flat_hash_map\u003cint64,T\u003e\u003e`(https://github.com/tensorflow/tensorflow/blob/8f7b60ee8c0206a2c99802e3a4d1bb55d2bc0624/tensorflow/core/kernels/count_ops.cc#L27)) data structure. If the `shape` tensor has more than one element, `num_batches` is the first value in `shape`. Ensuring that the `dense_shape` argument is a valid tensor shape (that is, all elements are non-negative) solves this issue. The fix will be included in TensorFlow 2.5.0. \nWe will also cherrypick this commit on TensorFlow 2.4.2 and TensorFlow 2.3.3.","aliases":["BIT-tensorflow-2021-29521","CVE-2021-29521","GHSA-hr84-fqvp-48mm","PYSEC-2021-158","PYSEC-2021-647"],"modified":"2023-12-06T01:01:03.739052Z","published":"2021-05-14T20:15:00Z","references":[{"type":"FIX","url":"https://github.com/tensorflow/tensorflow/commit/c57c0b9f3a4f8684f3489dd9a9ec627ad8b599f5"},{"type":"ADVISORY","url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hr84-fqvp-48mm"}],"affected":[{"package":{"name":"tensorflow-cpu","ecosystem":"PyPI","purl":"pkg:pypi/tensorflow-cpu"},"ranges":[{"type":"GIT","repo":"https://github.com/tensorflow/tensorflow","events":[{"introduced":"0"},{"fixed":"c57c0b9f3a4f8684f3489dd9a9ec627ad8b599f5"}]},{"type":"ECOSYSTEM","events":[{"introduced":"2.3.0"},{"fixed":"2.3.3"},{"introduced":"2.4.0"},{"fixed":"2.4.2"}]}],"versions":["2.3.0","2.3.1","2.3.2","2.4.0","2.4.1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/tensorflow-cpu/PYSEC-2021-449.yaml"}}],"schema_version":"1.7.3"}
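The advisory's root cause is a shape value flowing unchecked into a `std::vector` size: with more than one element in `dense_shape`, the kernel takes `dense_shape[0]` as `num_batches`. The following is an added example, not TensorFlow's code and not the upstream fix commit. It reproduces that batch-count rule in plain Python and rejects negative dimensions before the raw op is called, which is the caller-side guard you would want on an unpatched 2.3.x/2.4.x build. The index-bounds check is an assumption about what a caller also wants and goes beyond what the advisory describes; the keyword names in `safe_sparse_count_sparse_output` follow the public `tf.raw_ops.SparseCountSparseOutput` signature and are passed through unchanged.

```python
"""Input guard for tf.raw_ops.SparseCountSparseOutput (PYSEC-2021-449 / CVE-2021-29521).

Added example, not TensorFlow's own code. It mirrors the rule stated in the
advisory (num_batches is dense_shape[0] when the shape has more than one
element) and refuses the negative shapes that make the unpatched kernel size a
std::vector from that value. validate_indices is extra hardening assumed here,
not part of the upstream fix.
"""
from typing import Optional, Sequence


def num_batches_from_shape(dense_shape: Sequence[int]) -> int:
    """Batch count the kernel derives from dense_shape, per the advisory:
    the first element when there is more than one, otherwise a single batch."""
    if len(dense_shape) > 1:
        return int(dense_shape[0])
    return 1


def validate_dense_shape(dense_shape: Sequence[int]) -> list:
    """Return dense_shape as a list of ints, or raise ValueError.

    Every dimension must be >= 0. A negative first element is exactly the
    input that crashes the unpatched kernel; a negative later element is not
    a valid tensor shape either, so both are rejected.
    """
    shape = [int(d) for d in dense_shape]
    for axis, dim in enumerate(shape):
        if dim < 0:
            raise ValueError(
                f"dense_shape[{axis}] = {dim}: all dimensions must be non-negative"
            )
    return shape


def validate_indices(indices: Sequence[Sequence[int]], dense_shape: Sequence[int]) -> list:
    """Assumed extra check (not from the advisory): each index row must have one
    coordinate per dimension and every coordinate must lie inside dense_shape.
    Returns the validated shape."""
    shape = validate_dense_shape(dense_shape)
    for row_no, row in enumerate(indices):
        if len(row) != len(shape):
            raise ValueError(
                f"indices[{row_no}] has {len(row)} coordinates, expected {len(shape)}"
            )
        for axis, (coord, dim) in enumerate(zip(row, shape)):
            if not 0 <= int(coord) < dim:
                raise ValueError(
                    f"indices[{row_no}][{axis}] = {coord} is outside [0, {dim})"
                )
    return shape


def rejects(dense_shape: Sequence[int],
            indices: Optional[Sequence[Sequence[int]]] = None) -> bool:
    """True if the guard refuses this input (shape alone, or shape plus indices)."""
    try:
        if indices is None:
            validate_dense_shape(dense_shape)
        else:
            validate_indices(indices, dense_shape)
    except ValueError:
        return True
    return False


def safe_sparse_count_sparse_output(indices, values, weights, dense_shape,
                                    binary_output=False, **kwargs):
    """Validate first, then call the raw op. TensorFlow is imported lazily so
    the guards above run on a machine without it. Keyword names follow the
    public raw op and are passed through unchanged."""
    shape = validate_indices(indices, dense_shape)
    import tensorflow as tf  # noqa: E402  (lazy: only needed for the real call)
    return tf.raw_ops.SparseCountSparseOutput(
        indices=indices, values=values, weights=weights,
        dense_shape=shape, binary_output=binary_output, **kwargs)


if __name__ == "__main__":
    # Constructed inputs: a 2x4 sparse batch (fine) and the crashing shape (refused).
    good_shape = [2, 4]
    crashing_shape = [-1, 4]
    print(num_batches_from_shape(good_shape), rejects(good_shape), rejects(crashing_shape))
```

The guard is the same invariant the advisory says the fix enforces (all elements of `dense_shape` non-negative), applied on the Python side before any tensor reaches the kernel; on a patched build it is redundant but harmless.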