High severityNVD Advisory· Published Nov 5, 2021· Updated Aug 4, 2024

Heap OOB read in shape inference for `QuantizeV2`

CVE-2021-41211

Description

TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array. This occurs whenever axis is a negative value less than -1. In this case, we are accessing data before the start of a heap buffer. The code allows axis to be an optional argument (s would contain an error::NOT_FOUND error code). Otherwise, it assumes that axis is a valid index into the dimensions of the input tensor. If axis is less than -1 then this results in a heap OOB read. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, as this version is the only one that is also affected.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
tensorflowPyPI	>= 2.6.0, < 2.6.1	2.6.1
tensorflow-cpuPyPI	>= 2.6.0, < 2.6.1	2.6.1
tensorflow-gpuPyPI	>= 2.6.0, < 2.6.1	2.6.1

Affected products

Tensorflow/Tensorflowv5
Range: >= 2.6.0, < 2.6.1

Patches

a0d64445116c

Prevent OOB access in QuantizeV2 shape inference

https://github.com/tensorflow/tensorflowYu-Cheng LingOct 1, 2021via ghsa

commit

1 file changed · +3 −0

tensorflow/core/framework/common_shape_fns.cc+3 −0 modified

@@ -2559,6 +2559,9 @@ Status QuantizeV2Shape(InferenceContext* c) {
   if (!s.ok() && s.code() != error::NOT_FOUND) {
     return s;
   }
+  if (axis < -1) {
+    return errors::InvalidArgument("axis should be at least -1, got ", axis);
+  }
   const int minmax_rank = (axis == -1) ? 0 : 1;
   TF_RETURN_IF_ERROR(shape_inference::UnchangedShape(c));
   ShapeHandle minmax;

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/advisories/GHSA-cvgx-3v3q-m36cghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2021-41211ghsaADVISORY
github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-620.yamlghsaWEB
github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-818.yamlghsaWEB
github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-403.yamlghsaWEB
github.com/tensorflow/tensorflow/commit/a0d64445116c43cf46a5666bd4eee28e7a82f244ghsax_refsource_MISCWEB
github.com/tensorflow/tensorflow/security/advisories/GHSA-cvgx-3v3q-m36cghsax_refsource_CONFIRMWEB

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000