TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SpaceToBatchND` (in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer overflow is used to allocate the output tensor, hence we get a denial of service via a `CHECK`-failure (assertion failure), as in TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
| Link | Tags |
|---|---|
| https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md | third party advisory patch |
| https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4 | third party advisory release notes |
| https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2 | third party advisory release notes |
| https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1 | third party advisory release notes |
| https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0 | third party advisory release notes |
| https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jjm6-4vf7-cjh4 | exploit third party advisory patch |
| https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf | third party advisory patch |