ID CVE-2021-29601
Summary TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of concatenation is vulnerable to an integer overflow issue(https://github.com/tensorflow/tensorflow/blob/7b7352a724b690b11bfaae2cd54bc3907daf6285/tensorflow/lite/kernels/concatenation.cc#L70-L76). An attacker can craft a model such that the dimensions of one of the concatenation input overflow the values of `int`. TFLite uses `int` to represent tensor dimensions, whereas TF uses `int64`. Hence, valid TF models can trigger an integer overflow when converted to TFLite format. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
References
Vulnerable Configurations
  • cpe:2.3:a:google:tensorflow:0.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.8.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.8.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.8.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.8.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.9.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.9.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.9.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.9.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.10.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.10.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.10.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.10.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.11.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.11.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.11.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.11.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.11.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.11.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.11.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.11.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.12.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.12.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.12.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.12.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.12.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.12.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:0.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:0.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.0:alpha:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.0.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.1.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.1.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.1.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.1.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.1.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.2.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.2.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.2.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.2.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.3.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.3.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.3.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.3.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.3.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.3.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.3.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.4.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.4.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.4.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.4.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.4.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.4.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.5.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.5.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.5.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.5.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.5.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.5.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.6.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.6.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.6.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.6.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.6.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.6.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.7.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.7.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.7.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.7.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.7.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.7.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.8.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.8.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.8.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.8.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.8.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.8.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.9.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.9.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.9.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.9.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.9.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.9.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.9.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.9.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.10.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.10.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.10.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.10.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.10.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.10.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.11.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.11.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.11.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.11.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.11.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.11.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.11.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.11.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.12.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.12.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.12.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.12.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.13.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.13.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.13.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.13.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.13.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.13.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.13.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.13.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.13.2:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.14.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.14.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.14.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.14.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.14.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.14.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.15.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.15.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.15.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.15.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.15.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.4:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:1.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:1.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:alpha0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.0:alpha0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:beta0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.0:beta0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.1.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.1.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.2.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.2.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.2.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.2.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.2.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.2.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.2.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.2.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.3.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.3.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.3.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.3.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.3.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.3.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.3.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.4.0:-:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.4.0:-:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.4.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.4.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.4.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.4.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.4.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.4.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.4.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.4.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.4.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.4.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:google:tensorflow:2.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:google:tensorflow:2.4.1:*:*:*:*:*:*:*
CVSS
Base: 3.6 (as of 20-05-2021 - 16:01)
Impact:
Exploitability:
CWE CWE-190
CAPEC
  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:P/A:P
Last major update 20-05-2021 - 16:01
Published 14-05-2021 - 20:15
Last modified 20-05-2021 - 16:01
Back to Top