Crash in `max_pool3d` when size argument is 0 or negative
Description
TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due to the TensorFlow's implementation of pooling operations where the values in the sliding window are not checked to be strictly positive. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tensorflowPyPI | >= 2.6.0, < 2.6.1 | 2.6.1 |
tensorflowPyPI | >= 2.5.0, < 2.5.2 | 2.5.2 |
tensorflowPyPI | < 2.4.4 | 2.4.4 |
tensorflow-cpuPyPI | >= 2.6.0, < 2.6.1 | 2.6.1 |
tensorflow-cpuPyPI | >= 2.5.0, < 2.5.2 | 2.5.2 |
tensorflow-cpuPyPI | < 2.4.4 | 2.4.4 |
tensorflow-gpuPyPI | >= 2.6.0, < 2.6.1 | 2.6.1 |
tensorflow-gpuPyPI | >= 2.5.0, < 2.5.2 | 2.5.2 |
tensorflow-gpuPyPI | < 2.4.4 | 2.4.4 |
Affected products
1- Range: >= 2.6.0, < 2.6.1
Patches
112b1ff82b3f2Merge pull request #51975 from yongtang:51936-max_pool3d
2 files changed · +19 −0
tensorflow/core/kernels/pooling_ops_3d.cc+5 −0 modified@@ -141,6 +141,11 @@ class Pooling3DOp : public UnaryOp<T> { OP_REQUIRES(context, ksize_.size() == 5, errors::InvalidArgument("Sliding window ksize field must " "specify 5 dimensions")); + bool non_negative = + std::all_of(ksize_.begin(), ksize_.end(), [](int k) { return k > 0; }); + OP_REQUIRES(context, non_negative, + errors::InvalidArgument("Sliding window ksize field must " + "have non-negative dimensions")); OP_REQUIRES_OK(context, context->GetAttr("strides", &stride_)); OP_REQUIRES(context, stride_.size() == 5, errors::InvalidArgument("Sliding window stride field must "
tensorflow/python/kernel_tests/pooling_ops_3d_test.py+14 −0 modified@@ -17,6 +17,7 @@ import numpy as np from tensorflow.python.framework import constant_op +from tensorflow.python.framework import errors from tensorflow.python.framework import test_util from tensorflow.python.ops import gradient_checker from tensorflow.python.ops import gradients_impl @@ -501,6 +502,19 @@ def testAvgPoolGradSamePadding3_1_3d(self): strides=(1, 1, 1), padding="SAME") + def testMaxPool3DZeroPoolSize(self): + # Test case for GitHub issue 51936. + for f in [nn_ops.max_pool3d, nn_ops.avg_pool3d]: + with self.session(): + with self.assertRaises((errors.InvalidArgumentError, ValueError)): + input_sizes = [3, 4, 10, 11, 12] + + input_data = 1. + input_tensor = constant_op.constant( + input_data, shape=input_sizes, name="input") + pool_3d = f(input_tensor, ksize=[2, 2, 0], strides=1, padding="VALID") + self.evaluate(pool_3d) + if __name__ == "__main__": test.main()
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
8- github.com/advisories/GHSA-m539-j985-hcr8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-41196ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-606.yamlghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-804.yamlghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-389.yamlghsaWEB
- github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8bghsax_refsource_MISCWEB
- github.com/tensorflow/tensorflow/issues/51936ghsax_refsource_MISCWEB
- github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.