CVE-2021-37641: 
Python vulnerability analysis and mitigation

TensorFlow, an end-to-end open source platform for machine learning, was found to contain a vulnerability in versions prior to 2.6.0. The vulnerability (CVE-2021-37641) was discovered in the tf.raw_ops.RaggedGather operation where improper validation of arguments could trigger a read from outside the bounds of heap allocated buffers. The issue was reported by members of the Aivul Team from Qihoo 360 and was patched in August 2021 (GitHub Advisory, NVD).

The vulnerability stems from two implementation flaws in the RaggedGather operation: first, it directly reads the first dimension of a tensor shape before verifying that the tensor has a rank of at least 1 (not a scalar), and second, it fails to validate that the paramsnestedsplits list is not empty. The issue received a CVSS v3.1 base score of 7.1 HIGH with vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

When successfully exploited, this vulnerability could allow an attacker to trigger reads from outside the bounds of heap allocated buffers, potentially leading to information disclosure or denial of service. The vulnerability affects TensorFlow versions 2.3.0 through 2.5.x before their respective security patches (NVD).

The vulnerability was patched in GitHub commit a2b743f6017d7b97af1fe49087ae15f0ac634373 and included in TensorFlow 2.6.0. The fix was also backported to TensorFlow 2.5.1, 2.4.3, and 2.3.4. Users are advised to upgrade to these patched versions (GitHub Advisory).