CWE-476
AllowedNULL Pointer Dereference
Abstraction: Base · Status: Stable
The product dereferences a pointer that it expects to be valid but is NULL.
6310 vulnerabilities reference this CWE, most recent first.
GHSA-HW53-4Q7V-6MCG
Vulnerability from github – Published: 2025-06-20 21:32 – Updated: 2025-10-22 21:31brplot v420.69.1 contains a Null Pointer Dereference (NPD) vulnerability in the br_dagens_handle_once function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.
{
"affected": [],
"aliases": [
"CVE-2025-45331"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-20T16:15:29Z",
"severity": "HIGH"
},
"details": "brplot v420.69.1 contains a Null Pointer Dereference (NPD) vulnerability in the br_dagens_handle_once function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.",
"id": "GHSA-hw53-4q7v-6mcg",
"modified": "2025-10-22T21:31:18Z",
"published": "2025-06-20T21:32:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45331"
},
{
"type": "WEB",
"url": "https://github.com/branc116/brplot/commit/b90e93a0e0d514d48f38d1584496130fa5fe4fe4"
},
{
"type": "WEB",
"url": "https://gist.github.com/QiuYitai/9dd6db6e9dfc03868b9c886b801502ac"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HW98-2857-JGGJ
Vulnerability from github – Published: 2022-05-13 01:25 – Updated: 2022-05-13 01:25XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.
{
"affected": [],
"aliases": [
"CVE-2018-20481"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-26T04:29:00Z",
"severity": "MODERATE"
},
"details": "XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.",
"id": "GHSA-hw98-2857-jggj",
"modified": "2022-05-13T01:25:12Z",
"published": "2022-05-13T01:25:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20481"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2022"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2713"
},
{
"type": "WEB",
"url": "https://gitlab.freedesktop.org/poppler/poppler/issues/692"
},
{
"type": "WEB",
"url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3865-1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106321"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HWF6-8434-65RV
Vulnerability from github – Published: 2024-06-19 15:30 – Updated: 2024-08-27 18:31In the Linux kernel, the following vulnerability has been resolved:
tee: amdtee: fix an IS_ERR() vs NULL bug
The __get_free_pages() function does not return error pointers it returns NULL so fix this condition to avoid a NULL dereference.
{
"affected": [],
"aliases": [
"CVE-2021-47601"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-19T15:15:54Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: amdtee: fix an IS_ERR() vs NULL bug\n\nThe __get_free_pages() function does not return error pointers it returns\nNULL so fix this condition to avoid a NULL dereference.",
"id": "GHSA-hwf6-8434-65rv",
"modified": "2024-08-27T18:31:35Z",
"published": "2024-06-19T15:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47601"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/640e28d618e82be78fb43b4bf5113bc90d6aa442"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/832f3655c6138c23576ed268e31cc76e0f05f2b1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9d7482771fac8d8e38e763263f2ca0ca12dd22c6"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HWFV-6R5J-7XM3
Vulnerability from github – Published: 2025-08-16 15:30 – Updated: 2025-11-18 18:32In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate session id and tree id in the compound request
This patch validate session id and tree id in compound request. If first operation in the compound is SMB2 ECHO request, ksmbd bypass session and tree validation. So work->sess and work->tcon could be NULL. If secound request in the compound access work->sess or tcon, It cause NULL pointer dereferecing error.
{
"affected": [],
"aliases": [
"CVE-2023-3866"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-16T14:15:27Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: validate session id and tree id in the compound request\n\nThis patch validate session id and tree id in compound request.\nIf first operation in the compound is SMB2 ECHO request, ksmbd bypass\nsession and tree validation. So work-\u003esess and work-\u003etcon could be NULL.\nIf secound request in the compound access work-\u003esess or tcon, It cause\nNULL pointer dereferecing error.",
"id": "GHSA-hwfv-6r5j-7xm3",
"modified": "2025-11-18T18:32:49Z",
"published": "2025-08-16T15:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3866"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5005bcb4219156f1bf7587b185080ec1da08518e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/854156d12caa9d36de1cf5f084591c7686cc8a9d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d1066c1b3663401cd23c0d6e60cdae750ce00c0f"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/eb947403518ea3d93f6d89264bb1f5416bb0c7d0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HWG2-4PQ6-P2CF
Vulnerability from github – Published: 2022-11-19 00:30 – Updated: 2022-11-29 18:30NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.
{
"affected": [],
"aliases": [
"CVE-2022-34665"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-19T00:15:00Z",
"severity": "MODERATE"
},
"details": "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.",
"id": "GHSA-hwg2-4pq6-p2cf",
"modified": "2022-11-29T18:30:19Z",
"published": "2022-11-19T00:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34665"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5383"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202310-02"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HWHJ-RR4W-2XMM
Vulnerability from github – Published: 2022-05-14 00:56 – Updated: 2022-05-14 00:56The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.
{
"affected": [],
"aliases": [
"CVE-2018-1000027"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-09T23:29:00Z",
"severity": "HIGH"
},
"details": "The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.",
"id": "GHSA-hwhj-rr4w-2xmm",
"modified": "2022-05-14T00:56:21Z",
"published": "2022-05-14T00:56:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000027"
},
{
"type": "WEB",
"url": "https://github.com/squid-cache/squid/pull/129/files"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00002.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3557-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4059-2"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4122"
},
{
"type": "WEB",
"url": "http://www.squid-cache.org/Advisories/SQUID-2018_2.txt"
},
{
"type": "WEB",
"url": "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch"
},
{
"type": "WEB",
"url": "http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HWJ7-VQX3-V4R8
Vulnerability from github – Published: 2022-05-17 00:12 – Updated: 2022-05-17 00:12K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025c8 DeviceIoControl request.
{
"affected": [],
"aliases": [
"CVE-2017-17701"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-15T20:29:00Z",
"severity": "CRITICAL"
},
"details": "K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025c8 DeviceIoControl request.",
"id": "GHSA-hwj7-vqx3-v4r8",
"modified": "2022-05-17T00:12:25Z",
"published": "2022-05-17T00:12:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17701"
},
{
"type": "WEB",
"url": "https://github.com/mmmxny/K7-Antivirus/tree/master/cve2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HWPQ-9G3C-W6V8
Vulnerability from github – Published: 2022-05-17 02:51 – Updated: 2022-05-17 02:51ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.
{
"affected": [],
"aliases": [
"CVE-2014-9814"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-30T15:59:00Z",
"severity": "MODERATE"
},
"details": "ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file.",
"id": "GHSA-hwpq-9g3c-w6v8",
"modified": "2022-05-17T02:51:57Z",
"published": "2022-05-17T02:51:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9814"
},
{
"type": "WEB",
"url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream\u0026id=fcced2ba626109d23186282d326427a0fc85fec0"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343470"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HWPQ-HMQ9-WJ77
Vulnerability from github – Published: 2026-07-07 13:02 – Updated: 2026-07-07 13:02Summary
Null pointer dereference (SIGSEGV) in Upsample_6_7::adapt_upsample_6_7() (onnx/version_converter/adapters/upsample_6_7.h:31) when convert_version() processes a model with an Upsample node that has zero inputs. The adapter accesses node->inputs()[0]->sizes() without checking input count. 107-byte PoC crashes on Release build.
This is the same class of bug as the Cast adapter advisory (separate report) but in a different adapter, different file, and different operator.
Details
The Upsample 6→7 adapter validates attributes but not inputs:
// upsample_6_7.h:20-33
void adapt_upsample_6_7(..., Node* node) const {
ONNX_ASSERTM(
node->hasAttribute(width_scale_symbol) && node->hasAttribute(height_scale_symbol),
"...") // Attribute check PASSES
auto width_scale = node->f(width_scale_symbol);
auto height_scale = node->f(height_scale_symbol);
auto input_shape = node->inputs()[0]->sizes();
// ^^^^^^^^^^^^^^^^^^^^
// OOB when inputs().size() == 0 → SIGSEGV
}
The PoC has an Upsample node at opset 6 with the required width_scale and height_scale attributes but zero inputs. The attribute assertions pass, then node->inputs()[0] on an empty ArrayRef:
- Release builds (NDEBUG): bounds-check assertion compiled out → reads garbage pointer → SIGSEGV
- Debug builds: assert(Index < Length) at array_ref.h:159 → SIGABRT
An Upsample node with zero inputs passes graphProtoToGraph() because the import code only resolves input names present in the protobuf.
PoC
import base64
import onnx
from onnx import version_converter
poc_b64 = "CAI6YQo8EgFZIghVcHNhbXBsZSoVCgt3aWR0aF9zY2FsZRUAAABAoAEBKhYKDGhlaWdodF9zY2FsZRUAAABAoAEBEgR0ZXN0YhsKAVkSFgoUCAESEAoCCAEKAggBCgIIBAoCCARCBAoAEAY="
model = onnx.load_from_string(base64.b64decode(poc_b64))
# CRASHES — Upsample_6_7 adapter dereferences empty inputs array
version_converter.convert_version(model, 7) # SIGSEGV
107-byte PoC. Confirmed SIGSEGV on both onnx 1.21.0 (pip) and 1.22.0 (source build).
Impact
Any application that uses onnx.version_converter.convert_version() on untrusted models is vulnerable. This includes model conversion pipelines and tools that auto-upgrade opset versions for compatibility. The crash is unrecoverable (SIGSEGV).
This vulnerability is part of a systemic pattern across multiple version converter adapters. A full audit of all ~45 adapters was performed as part of the fix; eight adapters were found with the same class of unguarded indexed access (cast_9_8, softmax_12_13, softmax_13_12, upsample_6_7, upsample_9_10, group_normalization_20_21, broadcast_forward_compatibility, upsample_9_8) and all have been fixed in PR #7813.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "onnx"
},
"ranges": [
{
"events": [
{
"introduced": "1.9.0"
},
{
"fixed": "1.22.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44512"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": true,
"github_reviewed_at": "2026-07-07T13:02:10Z",
"nvd_published_at": null,
"severity": "MODERATE"
},
"details": "### Summary\n\nNull pointer dereference (SIGSEGV) in `Upsample_6_7::adapt_upsample_6_7()` (`onnx/version_converter/adapters/upsample_6_7.h:31`) when `convert_version()` processes a model with an Upsample node that has zero inputs. The adapter accesses `node-\u003einputs()[0]-\u003esizes()` without checking input count. 107-byte PoC crashes on Release build.\n\nThis is the same class of bug as the Cast adapter advisory (separate report) but in a different adapter, different file, and different operator.\n\n### Details\n\nThe Upsample 6\u21927 adapter validates attributes but not inputs:\n```cpp\n// upsample_6_7.h:20-33\nvoid adapt_upsample_6_7(..., Node* node) const {\n ONNX_ASSERTM(\n node-\u003ehasAttribute(width_scale_symbol) \u0026\u0026 node-\u003ehasAttribute(height_scale_symbol),\n \"...\") // Attribute check PASSES\n\n auto width_scale = node-\u003ef(width_scale_symbol);\n auto height_scale = node-\u003ef(height_scale_symbol);\n\n auto input_shape = node-\u003einputs()[0]-\u003esizes();\n // ^^^^^^^^^^^^^^^^^^^^\n // OOB when inputs().size() == 0 \u2192 SIGSEGV\n}\n```\n\nThe PoC has an Upsample node at opset 6 with the required `width_scale` and `height_scale` attributes but zero inputs. The attribute assertions pass, then `node-\u003einputs()[0]` on an empty `ArrayRef`:\n- Release builds (`NDEBUG`): bounds-check assertion compiled out \u2192 reads garbage pointer \u2192 SIGSEGV\n- Debug builds: `assert(Index \u003c Length)` at `array_ref.h:159` \u2192 SIGABRT\n\nAn Upsample node with zero inputs passes `graphProtoToGraph()` because the import code only resolves input names present in the protobuf.\n\n### PoC\n```python\nimport base64\nimport onnx\nfrom onnx import version_converter\n\npoc_b64 = \"CAI6YQo8EgFZIghVcHNhbXBsZSoVCgt3aWR0aF9zY2FsZRUAAABAoAEBKhYKDGhlaWdodF9zY2FsZRUAAABAoAEBEgR0ZXN0YhsKAVkSFgoUCAESEAoCCAEKAggBCgIIBAoCCARCBAoAEAY=\"\n\nmodel = onnx.load_from_string(base64.b64decode(poc_b64))\n\n# CRASHES \u2014 Upsample_6_7 adapter dereferences empty inputs array\nversion_converter.convert_version(model, 7) # SIGSEGV\n```\n\n107-byte PoC. Confirmed SIGSEGV on both onnx 1.21.0 (pip) and 1.22.0 (source build).\n\n### Impact\n\nAny application that uses `onnx.version_converter.convert_version()` on untrusted models is vulnerable. This includes model conversion pipelines and tools that auto-upgrade opset versions for compatibility. The crash is unrecoverable (SIGSEGV). \n\nThis vulnerability is part of a systemic pattern across multiple version converter adapters. A full audit of all ~45 adapters was performed as part of the fix; eight adapters were found with the same class of unguarded indexed access (cast_9_8, softmax_12_13, softmax_13_12, upsample_6_7, upsample_9_10, group_normalization_20_21, broadcast_forward_compatibility, upsample_9_8) and all have been fixed in PR #7813.",
"id": "GHSA-hwpq-hmq9-wj77",
"modified": "2026-07-07T13:02:10Z",
"published": "2026-07-07T13:02:10Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/onnx/onnx/security/advisories/GHSA-hwpq-hmq9-wj77"
},
{
"type": "WEB",
"url": "https://github.com/onnx/onnx/pull/7916"
},
{
"type": "PACKAGE",
"url": "https://github.com/onnx/onnx"
},
{
"type": "WEB",
"url": "https://github.com/onnx/onnx/releases/tag/v1.22.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "ONNX has Null Pointer Dereference in Upsample Version Converter Adapter (Zero Inputs)"
}
GHSA-HWR7-8GXX-FJ5P
Vulnerability from github – Published: 2021-08-25 14:44 – Updated: 2024-11-13 16:33Impact
Sending invalid argument for row_partition_types of tf.raw_ops.RaggedTensorToTensor API results in a null pointer dereference and undefined behavior:
import tensorflow as tf
tf.raw_ops.RaggedTensorToTensor(
shape=1,
values=10,
default_value=21,
row_partition_tensors=tf.constant([0,0,0,0]),
row_partition_types=[])
The implementation accesses the first element of a user supplied list of values without validating that the provided list is not empty.
Patches
We have patched the issue in GitHub commit 301ae88b331d37a2a16159b65b255f4f9eb39314.
The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by members of the Aivul Team from Qihoo 360.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.5.0"
]
}
],
"aliases": [
"CVE-2021-37638"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-23T18:10:19Z",
"nvd_published_at": "2021-08-12T19:15:00Z",
"severity": "HIGH"
},
"details": "### Impact\nSending invalid argument for `row_partition_types` of `tf.raw_ops.RaggedTensorToTensor` API results in a null pointer dereference and undefined behavior:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.RaggedTensorToTensor(\n shape=1,\n values=10,\n default_value=21,\n row_partition_tensors=tf.constant([0,0,0,0]),\n row_partition_types=[])\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L328) accesses the first element of a user supplied list of values without validating that the provided list is not empty.\n\n### Patches\nWe have patched the issue in GitHub commit [301ae88b331d37a2a16159b65b255f4f9eb39314](https://github.com/tensorflow/tensorflow/commit/301ae88b331d37a2a16159b65b255f4f9eb39314).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
"id": "GHSA-hwr7-8gxx-fj5p",
"modified": "2024-11-13T16:33:37Z",
"published": "2021-08-25T14:44:09Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hwr7-8gxx-fj5p"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37638"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/301ae88b331d37a2a16159b65b255f4f9eb39314"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-551.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-749.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-260.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Null pointer dereference in `RaggedTensorToTensor`"
}
Mitigation MIT-56
For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].
Mitigation
Select a programming language that is not susceptible to these issues.
Mitigation
Check the results of all functions that return a value and verify that the value is non-null before acting upon it.
Mitigation
Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.
Mitigation
Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.
No CAPEC attack patterns related to this CWE.