{ "schema_version": "1.4.0", "id": "GHSA-m7fm-4jfh-jrg6", "modified": "2024-11-13T17:27:03Z", "published": "2021-08-25T14:43:07Z", "aliases": [ "CVE-2021-37652" ], "summary": "Use after free in boosted trees creation", "details": "### Impact\nThe implementation for `tf.raw_ops.BoostedTreesCreateEnsemble` can result in a use after free error if an attacker supplies specially crafted arguments:\n\n```python\nimport tensorflow as tf\n\nv= tf.Variable([0.0])\ntf.raw_ops.BoostedTreesCreateEnsemble(\n tree_ensemble_handle=v.handle,\n stamp_token=[0],\n tree_ensemble_serialized=['0']) \n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/boosted_trees/resource_ops.cc#L55) uses a reference counted resource and decrements the refcount if the initialization fails, as it should. However, when the code was written, the resource was represented as a naked pointer but later refactoring has changed it to be a smart pointer. Thus, when the pointer leaves the scope, a subsequent `free`-ing of the resource occurs, but this fails to take into account that the refcount has already reached 0, thus the resource has been already freed. During this double-free process, members of the resource object are accessed for cleanup but they are invalid as the entire resource has been freed.\n\n### Patches\nWe have patched the issue in GitHub commit [5ecec9c6fbdbc6be03295685190a45e7eee726ab](https://github.com/tensorflow/tensorflow/commit/5ecec9c6fbdbc6be03295685190a45e7eee726ab).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" } ], "affected": [ { "package": { "ecosystem": "PyPI", "name": "tensorflow" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "2.3.4" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.4.0" }, { "fixed": "2.4.3" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.5.0" }, { "fixed": "2.5.1" } ] } ], "versions": [ "2.5.0" ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-cpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "2.3.4" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-cpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.4.0" }, { "fixed": "2.4.3" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-cpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.5.0" }, { "fixed": "2.5.1" } ] } ], "versions": [ "2.5.0" ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-gpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "2.3.4" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-gpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.4.0" }, { "fixed": "2.4.3" } ] } ] }, { "package": { "ecosystem": "PyPI", "name": "tensorflow-gpu" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "2.5.0" }, { "fixed": "2.5.1" } ] } ], "versions": [ "2.5.0" ] } ], "references": [ { "type": "WEB", "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m7fm-4jfh-jrg6" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37652" }, { "type": "WEB", "url": "https://github.com/tensorflow/tensorflow/commit/5ecec9c6fbdbc6be03295685190a45e7eee726ab" }, { "type": "WEB", "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-565.yaml" }, { "type": "WEB", "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-763.yaml" }, { "type": "WEB", "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-274.yaml" }, { "type": "PACKAGE", "url": "https://github.com/tensorflow/tensorflow" } ], "database_specific": { "cwe_ids": [ "CWE-415", "CWE-416" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2021-08-24T12:39:49Z", "nvd_published_at": "2021-08-12T22:15:00Z" } }