## TFSA-2021-129: Heap OOB in `ResourceScatterUpdate`

### CVE Number
CVE-2021-37655

### Impact
An attacker can trigger a read from outside the bounds of heap-allocated data by
sending invalid arguments to `tf.raw_ops.ResourceScatterUpdate`:

```python
import tensorflow as tf

v = tf.Variable([b'vvv'])
tf.raw_ops.ResourceScatterUpdate(
  resource=v.handle,
  indices=[0],
  updates=['1', '2', '3', '4', '5'])
```

The
[implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L919-L923)
has an incomplete validation of the relationship between the shapes of `indices`
and `updates`: instead of checking that the shape of `indices` is a prefix of
the shape of `updates` (so that broadcasting can happen), the code only checks
that the numbers of elements in these two tensors are in a divisibility
relationship.

### Patches
We have patched the issue in GitHub commit
[01cff3f986259d661103412a20745928c727326f](https://github.com/tensorflow/tensorflow/commit/01cff3f986259d661103412a20745928c727326f).

The fix will be included in TensorFlow 2.6.0. We will also cherry-pick this
commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are
also affected and still within the supported range.

### For more information
Please consult [our security
guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for
more information regarding the security model and how to contact us with issues
and questions.

### Attribution
This vulnerability has been reported by members of the Aivul Team from Qihoo
360.
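To make the difference between the two validations concrete, here is an added plain-Python model (not TensorFlow's kernel code) that applies both the element-count divisibility check the advisory describes and the stricter "indices shape is a prefix of updates shape" check to the shapes from the repro above, and uses the stricter one to guard a toy 1-D scatter update. The helper names and the sample shapes are constructed for this illustration.

```python
import math
from typing import Any, List, Sequence, Tuple

# Constructed sample shapes: the advisory's repro (indices=[0] against five
# string updates) and a well-formed scatter of one 3-element row per index.
REPRO_INDICES_SHAPE: Tuple[int, ...] = (1,)
REPRO_UPDATES_SHAPE: Tuple[int, ...] = (5,)
VALID_INDICES_SHAPE: Tuple[int, ...] = (2,)
VALID_UPDATES_SHAPE: Tuple[int, ...] = (2, 3)


def divisibility_check(indices_shape: Sequence[int], updates_shape: Sequence[int]) -> bool:
    """The insufficient check: element counts of updates and indices merely
    have to divide evenly. The repro passes because 5 % 1 == 0."""
    n_idx = math.prod(indices_shape)
    n_upd = math.prod(updates_shape)
    return n_idx == 0 or n_upd % n_idx == 0


def prefix_shape_check(indices_shape: Sequence[int], updates_shape: Sequence[int]) -> bool:
    """The stricter check: every leading dimension of updates must equal the
    corresponding dimension of indices, so each index owns exactly one
    updates[...] slice of the variable's per-element shape."""
    if len(indices_shape) > len(updates_shape):
        return False
    return tuple(updates_shape[: len(indices_shape)]) == tuple(indices_shape)


def shape_of(value: Any) -> Tuple[int, ...]:
    """Shape of a (possibly nested, rectangular) Python list."""
    if isinstance(value, list):
        inner = shape_of(value[0]) if value else ()
        return (len(value),) + inner
    return ()


def scatter_update(variable: List[Any], indices: List[int], updates: List[Any]) -> List[Any]:
    """Toy 1-D scatter that refuses mismatched shapes before touching data,
    so a caller can never make it walk past the end of `updates`."""
    indices_shape = (len(indices),)
    updates_shape = shape_of(updates)
    if not prefix_shape_check(indices_shape, updates_shape):
        raise ValueError(
            f"indices shape {indices_shape} is not a prefix of updates shape {updates_shape}")
    out = list(variable)
    for i, u in zip(indices, updates):
        out[i] = u
    return out
```

Running `scatter_update([b'vvv'], [0], ['1', '2', '3', '4', '5'])` raises `ValueError`, while the divisibility check alone would have let those same shapes through.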