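TensorFlow is an end-to-end open source platform for machine learning. In affected versions, the strided slice implementation in TFLite has a logic bug that can allow an attacker to trigger an infinite loop. The bug arises from newly introduced support for ellipsis in axis definition. An attacker can craft a model such that ellipsis_end_idx is smaller than i (e.g., always negative). In this case, the inner loop does not increment i, and the continue statement causes execution to skip over the preincrement at the end of the outer loop, so the outer loop never terminates. We have patched the issue in GitHub commit dfa22b348b70bb89d6d6ec0ff53973bacb4f4695. TensorFlow 2.6.0 is the only affected version. Note: every signature listed below is sourced from that commit, yet all of them target average-pooling files (for example tensorflow/lite/kernels/pooling.cc) rather than strided-slice code, so verify the commit reference against the upstream advisory before treating a signature match as evidence of this issue.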
[
{
"signature_version": "v1",
"digest": {
"function_hash": "143544202537313204508406830693510476432",
"length": 928.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "AverageEvalQuantizedUint8",
"file": "tensorflow/lite/kernels/pooling.cc"
},
"deprecated": false,
"id": "CVE-2021-37686-0b110a7b"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "317214675110872046061693038213884369092",
"length": 1728.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "AveragePool",
"file": "tensorflow/lite/kernels/internal/reference/integer_ops/pooling.h"
},
"deprecated": false,
"id": "CVE-2021-37686-1aaff6ed"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "321315077331483339639689115985628254583",
"length": 942.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "AverageEvalQuantizedInt8",
"file": "tensorflow/lite/kernels/pooling.cc"
},
"deprecated": false,
"id": "CVE-2021-37686-1f3cbca2"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "263527065909926952938739376439608543704",
"length": 3475.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "AveragePool",
"file": "tensorflow/lite/kernels/internal/optimized/integer_ops/pooling.h"
},
"deprecated": false,
"id": "CVE-2021-37686-224c70af"
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"299666033148654188996992585554673153789",
"160731831032962662493661453079735735172",
"304501883202949003973770721996025683744",
"32704760779852204755950989013105065132",
"91307159360382347184990090999597059316",
"38969049301477277839386979473355490727",
"254472421294782186261688992459505672677",
"124174043409814447459430820654771205494",
"45289104276074418355786856027973441572"
]
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Line",
"target": {
"file": "tensorflow/lite/kernels/internal/averagepool_quantized_test.cc"
},
"deprecated": false,
"id": "CVE-2021-37686-35dcf542"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "251826010013058484973394236524624980969",
"length": 851.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "AverageEvalQuantizedInt16",
"file": "tensorflow/lite/kernels/pooling.cc"
},
"deprecated": false,
"id": "CVE-2021-37686-4e6c64db"
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"58160071227191133710247258424898720219",
"221303420282560162897193183777257560180",
"238344735739119659765184536430107555428",
"312488091052101231167480429301031579673",
"118989298305319855228371305955859934731",
"150311510848961006252330820345688364175",
"338999901173074051597889452106985941656",
"168534343867078671822421113271999832407",
"8434539235143823467564852999938875874",
"275881278853309565458405128121063102257",
"191939913379233452897610430999685705336",
"223274156695616404735873218589514963801",
"134548628968116778797838431939527333308",
"334403956954520218001429730294327817841",
"306522969949105517268324884749470665999",
"315893757410299931851314000033654581204",
"225172650585130755590371615157756737466",
"130803183361694072045646490750115072083",
"271599995586489163553561785969443728110",
"317602688454682269876974179797720827766",
"714104165807350826634564775855549625",
"3171096699164061570528811705389178391",
"39899925370138294602834733778262466728",
"306521673366807587921966264349694795971",
"57188689911492459917129816822059621276",
"234123226939689609481251363067037954563",
"89855486150965415630218258732545421282",
"64299216301905180462902310812018510816",
"137859064370951004078838172083981761328",
"150883302697097430163700130988064785895",
"258788741431234282224402442360671994194",
"156995870437377231715523888954504534034",
"241080059691349686590742116510823109251",
"162351739150682085394743060147443899980",
"83495060877905114453686333572816169889",
"251962967068890413536903947142980063435",
"235656452082402070833688960470720649572",
"275881278853309565458405128121063102257",
"191939913379233452897610430999685705336",
"223274156695616404735873218589514963801",
"134548628968116778797838431939527333308",
"207618430807046733506708081182961619807",
"276908958195382199926387780253749031333",
"33970245830395231090454663751823182797",
"185221978679746446272884303483658206721",
"265774516019865954950121492980248252193",
"139884511250953876436698163122019642785",
"156249074965799545956216275591756630241",
"278751575702635853602077421994369796823",
"3171096699164061570528811705389178391",
"39899925370138294602834733778262466728",
"306521673366807587921966264349694795971",
"57188689911492459917129816822059621276",
"234123226939689609481251363067037954563",
"23409601368802221844592391863085590368",
"130690162479414800160244704067554032776",
"54096097260268341671718158435267712406",
"28420860715824291312242953237934670375",
"337895001094351150149404995907554396467",
"177359753558644547157151588117564810559",
"162351739150682085394743060147443899980",
"83495060877905114453686333572816169889",
"251962967068890413536903947142980063435",
"235656452082402070833688960470720649572",
"275881278853309565458405128121063102257",
"191939913379233452897610430999685705336",
"223274156695616404735873218589514963801",
"134548628968116778797838431939527333308",
"207618430807046733506708081182961619807",
"276908958195382199926387780253749031333",
"33970245830395231090454663751823182797",
"304475299257065868750565392142078782302",
"160165104682333595657808790928690480719",
"10208968675065822990605935289274727617",
"21705319581947566193321948516337360653",
"134499056175873870811864697408291127912",
"339991776203425590758311037172495392142",
"337966883707135533980393368809053769386",
"169823753621988967313339365526884352324",
"211233782235166079123413626204974513040",
"234123226939689609481251363067037954563",
"325419287693950881796926056886042407404",
"259151700177029071235395167654595384098",
"218868555274133361264836359217659535353",
"132652023040154102587700436295554866038",
"258788741431234282224402442360671994194",
"156995870437377231715523888954504534034",
"98980765144634462396885867433994847527",
"48685496446910633732105156723942050540",
"222595765850937694487836087242347414937",
"120863205665662338522594917547152859569",
"235656452082402070833688960470720649572",
"275881278853309565458405128121063102257",
"191939913379233452897610430999685705336",
"223274156695616404735873218589514963801",
"134548628968116778797838431939527333308",
"207618430807046733506708081182961619807",
"276908958195382199926387780253749031333",
"33970245830395231090454663751823182797",
"320543202991204050439853847304913948247",
"137318806791704863505478515751574329443",
"309548610557918372156183979000339759117",
"91376619472408313041565087531798826275",
"167875516485735563826133046033873108388",
"261038997366626683071520949703386152709",
"27880051360680233525759291772053354703",
"51337622272622314815765401288108572624",
"253175877104263081559608338456020863940",
"207608488806454509069588392894330036999",
"172412140123968163997178348817949150447",
"323108022667330578957484382991332413655",
"146057689065397072745517895346219028119",
"163984864969649007180893519063481217077",
"156243477237481532586864633732642736071",
"61234019073493747477809195340935229507",
"50859535080940420037791529169403259856",
"255424802829512435423084057484858997347",
"252953463674660382937339851888871431304",
"155834395734796570958394583332064104676",
"257407548644683543125297021123871997718",
"262546218167776635792786615141747099840",
"99079943789945151623486375930065226550",
"275772475281896765372314851151613083539"
]
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Line",
"target": {
"file": "tensorflow/lite/kernels/pooling.cc"
},
"deprecated": false,
"id": "CVE-2021-37686-5c52425e"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "94122823871109461736715440408812454391",
"length": 995.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "AverageEval",
"file": "tensorflow/lite/kernels/pooling.cc"
},
"deprecated": false,
"id": "CVE-2021-37686-63ca8edc"
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"22585841779318832729693128947916886710",
"141513922788160349343974608867310196802",
"305059717153399730593497396310550613176",
"286363132166224817571868948686095346769",
"294023376140085865225475220000991994148",
"274018213606261858323554903938540835644",
"249984370597416901532483435583104643449",
"552281486270336815791889307539878396",
"108587633537507210242609878158511307392",
"108587633537507210242609878158511307392",
"289662629843683621356617509243756963638",
"151387386607403744712610492438593917632",
"136293728782923691951979337345538175076",
"223414696618547175448977176810815385471",
"294023376140085865225475220000991994148",
"164204480203692930796000102922605339359",
"118519164792929408858927979327278089549",
"313632599200890850832085529780081347921",
"108587633537507210242609878158511307392",
"108587633537507210242609878158511307392",
"270968754962739875187271081689903488428",
"52701061794074738477928566913258557469"
]
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Line",
"target": {
"file": "tensorflow/lite/kernels/internal/reference/pooling.h"
},
"deprecated": false,
"id": "CVE-2021-37686-6cde6c0c"
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"85291634787394905160521909685951700550",
"135242719497681266152389821377158675371",
"289129364340600444519888726102762129656",
"286363132166224817571868948686095346769",
"338962539197245228622232513358863247441",
"32410634013237191719669261278953205302",
"241080034841598816979700689773775317111",
"169726345396619110913338672676887806205",
"291311887410597682533370607102211528014",
"41771111956811776306130129441074186498",
"151387386607403744712610492438593917632",
"189280893654575625456190359661892763439",
"164941623831334094591218889046118730597",
"177499191333874275064628029166703549817",
"11665764458397870535395669709441646915",
"55843782485032455927841764297663545393",
"314526150291616197774612989321853455649",
"108587633537507210242609878158511307392",
"108587633537507210242609878158511307392",
"294134969024749742560571913477803685924",
"86707825450656005522744744525543333446"
]
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Line",
"target": {
"file": "tensorflow/lite/kernels/internal/optimized/optimized_ops.h"
},
"deprecated": false,
"id": "CVE-2021-37686-6de82c83"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "17339417511016544599260009349421563105",
"length": 458.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "RunOneAveragePoolTest",
"file": "tensorflow/lite/kernels/internal/averagepool_quantized_test.cc"
},
"deprecated": false,
"id": "CVE-2021-37686-7ee39cca"
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"209250687392870336237250877960048617122",
"144963577092979834396747043483945371047",
"175704823184715384312410500372102926719",
"289292731314929749991553620331020286862",
"41924137364585302987598194774796591468",
"80675239996141308339216723336204441726",
"257059100437433735111365041024881500755",
"113496942286884331980646283345011811465",
"279450833056707458959808554117120263654",
"92222453028202031162019227388633462564",
"204012571320305386037558122206570194344",
"3043418236370500933798803972533684560",
"150431427620908877454909438156414642412",
"40710612025087163026829003520912619009",
"70194921987361446446021277281697801972",
"48321691684680548016381520856130827781",
"8559132062614801290475379411264201044",
"67616540733581249326827236842054114405",
"224543152747532272629693676960329215083",
"210026851136911945756943945061629977372",
"294665998996778108859956030873613034905",
"100394875287271822115594024480924792438",
"317050728733654676928126044973395601206",
"127299874967651951727895647182868680556",
"207367473785136869286825490548326240616",
"42577033737094876645890837331869006568",
"98739598984299648928152123449352990404",
"18711687562495917974171629985762914843",
"173988874150595483481937734841203750515",
"42826234175958644795177805966577897872",
"89479189836653797743796436291134007564",
"273751260762597253556705900906961052061",
"329772047705327721520349749969539271417",
"113496942286884331980646283345011811465",
"221501581695731126398109145825575785946",
"150490694623824343995238651708303172881",
"302200045180119770035395563718273482614",
"299892821929003525801030650986899682184",
"82290460401003866745635470414207156125",
"311652739141765837667918792784781682545",
"183222135935687799371743628648862481629",
"104985535966397994778003522074258029222",
"223216804349758664622701449748913364417",
"214264263180291010016597409811563621632",
"309461251710473340128500286135077345369",
"149910860113954790264139996598036660136",
"124585023097540349483414850059453929752",
"186420334287646593734476756969257603864",
"228057166000270892069223514270209356213",
"220368707422750291135100373310418789894",
"48941506863989725710486236336436518958",
"309685339677161406458107774198591107305",
"278273197991267264548073627832300769931",
"237072723238287953668969437972002655267"
]
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Line",
"target": {
"file": "tensorflow/lite/kernels/internal/optimized/legacy_optimized_ops.h"
},
"deprecated": false,
"id": "CVE-2021-37686-89f247f0"
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"289662629843683621356617509243756963638",
"267273761198098267171950869193988116510",
"310052609795220497218570092969178672505",
"137013471385547872901666046902649251687",
"177499191333874275064628029166703549817",
"11665764458397870535395669709441646915",
"340169638648570725545437219336111323724",
"74371351911076327587717694596545226922",
"108587633537507210242609878158511307392",
"108587633537507210242609878158511307392",
"108587633537507210242609878158511307392",
"108587633537507210242609878158511307392"
]
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Line",
"target": {
"file": "tensorflow/lite/kernels/internal/optimized/integer_ops/pooling.h"
},
"deprecated": false,
"id": "CVE-2021-37686-8adfb14e"
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"12424960639106247522867624451248419453",
"4086934822090644806235735394467736290",
"175704823184715384312410500372102926719",
"289292731314929749991553620331020286862",
"41924137364585302987598194774796591468",
"80675239996141308339216723336204441726",
"257059100437433735111365041024881500755",
"29476965642401382303681784608667389533",
"275824948296086955531090492211131849204",
"65283019082745970591366812672824662383",
"92222453028202031162019227388633462564",
"204012571320305386037558122206570194344",
"3043418236370500933798803972533684560",
"150431427620908877454909438156414642412",
"40710612025087163026829003520912619009",
"70194921987361446446021277281697801972",
"48321691684680548016381520856130827781",
"8559132062614801290475379411264201044",
"67616540733581249326827236842054114405",
"224543152747532272629693676960329215083",
"210026851136911945756943945061629977372",
"294665998996778108859956030873613034905",
"100394875287271822115594024480924792438",
"317050728733654676928126044973395601206",
"127299874967651951727895647182868680556",
"207367473785136869286825490548326240616",
"42577033737094876645890837331869006568",
"98739598984299648928152123449352990404",
"18711687562495917974171629985762914843",
"173988874150595483481937734841203750515",
"42826234175958644795177805966577897872",
"89479189836653797743796436291134007564",
"273751260762597253556705900906961052061",
"329772047705327721520349749969539271417",
"113496942286884331980646283345011811465",
"221501581695731126398109145825575785946",
"150490694623824343995238651708303172881",
"302200045180119770035395563718273482614",
"299892821929003525801030650986899682184",
"82290460401003866745635470414207156125",
"311652739141765837667918792784781682545",
"183222135935687799371743628648862481629",
"104985535966397994778003522074258029222",
"223216804349758664622701449748913364417",
"214264263180291010016597409811563621632",
"309461251710473340128500286135077345369",
"149910860113954790264139996598036660136",
"124585023097540349483414850059453929752",
"186420334287646593734476756969257603864",
"228057166000270892069223514270209356213",
"220368707422750291135100373310418789894",
"48941506863989725710486236336436518958",
"309685339677161406458107774198591107305",
"278273197991267264548073627832300769931",
"237072723238287953668969437972002655267"
]
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Line",
"target": {
"file": "tensorflow/lite/kernels/internal/reference/legacy_reference_ops.h"
},
"deprecated": false,
"id": "CVE-2021-37686-97e2409b"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "17439458750952764376606597375665797411",
"length": 1692.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "AveragePool",
"file": "tensorflow/lite/kernels/internal/reference/pooling.h"
},
"deprecated": false,
"id": "CVE-2021-37686-9ec74491"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "275828509715379953373598663087774646744",
"length": 884.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "AverageEvalFloat",
"file": "tensorflow/lite/kernels/pooling.cc"
},
"deprecated": false,
"id": "CVE-2021-37686-ea65e26a"
},
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"197472279584491139139237372878300586466",
"75499020925283997433852483929592133830",
"295593396898860360314186776829462284855",
"207391343531448723279466109333221764075",
"294023376140085865225475220000991994148",
"189137157732218156505515742140491234067",
"113720113017316484369663474892748975294",
"155671379866496532469147437374057361192",
"108587633537507210242609878158511307392",
"108587633537507210242609878158511307392",
"294134969024749742560571913477803685924",
"25854777166897224312538055161177688207",
"289662629843683621356617509243756963638",
"151387386607403744712610492438593917632",
"198009038329364723492647381589005248216",
"340000032386220488548456609043905741770",
"294023376140085865225475220000991994148",
"189137157732218156505515742140491234067",
"113720113017316484369663474892748975294",
"155671379866496532469147437374057361192",
"108587633537507210242609878158511307392",
"108587633537507210242609878158511307392",
"294134969024749742560571913477803685924",
"97575272232065022733356911216181803351"
]
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Line",
"target": {
"file": "tensorflow/lite/kernels/internal/reference/integer_ops/pooling.h"
},
"deprecated": false,
"id": "CVE-2021-37686-eb40428f"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "317214675110872046061693038213884369092",
"length": 1728.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "AveragePool",
"file": "tensorflow/lite/kernels/internal/reference/integer_ops/pooling.h"
},
"deprecated": false,
"id": "CVE-2021-37686-ec2833dd"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "155016450236671551127786071402055702056",
"length": 1534.0
},
"source": "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
"signature_type": "Function",
"target": {
"function": "AveragePool",
"file": "tensorflow/lite/kernels/internal/reference/pooling.h"
},
"deprecated": false,
"id": "CVE-2021-37686-f2c88947"
}
]