{"id":"CVE-2021-29521","details":"TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from the standard library as `std::vector` invariants are broken. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/8f7b60ee8c0206a2c99802e3a4d1bb55d2bc0624/tensorflow/core/kernels/count_ops.cc#L199-L213) assumes the first element of the dense shape is always positive and uses it to initialize a `BatchedMap\u003cT\u003e` (i.e., `std::vector\u003cabsl::flat_hash_map\u003cint64,T\u003e\u003e`(https://github.com/tensorflow/tensorflow/blob/8f7b60ee8c0206a2c99802e3a4d1bb55d2bc0624/tensorflow/core/kernels/count_ops.cc#L27)) data structure. If the `shape` tensor has more than one element, `num_batches` is the first value in `shape`. Ensuring that the `dense_shape` argument is a valid tensor shape (that is, all elements are non-negative) solves this issue. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 and TensorFlow 2.3.3.","aliases":["BIT-tensorflow-2021-29521","GHSA-hr84-fqvp-48mm","PYSEC-2021-158","PYSEC-2021-449","PYSEC-2021-647"],"modified":"2026-04-12T02:45:42.693290Z","published":"2021-05-14T20:15:11.567Z","related":["GHSA-hr84-fqvp-48mm"],"references":[{"type":"FIX","url":"https://github.com/tensorflow/tensorflow/commit/c57c0b9f3a4f8684f3489dd9a9ec627ad8b599f5"},{"type":"FIX","url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hr84-fqvp-48mm"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tensorflow/tensorflow","events":[{"introduced":"b36436b087bd8e8701ef51718179037cccdfc26e"},{"fixed":"3929ffacfbef7c431e8397920d040aaf47acff19"},{"introduced":"582c8d236cb079023657287c318ff26adb239002"},{"fixed":"1923123d32ea41d92b70a27a3f6ecf0763b56f6c"},{"fixed":"c57c0b9f3a4f8684f3489dd9a9ec627ad8b599f5"}],"database_specific":{"source":["CPE_FIELD","REFERENCES"],"cpe":"cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"2.3.0"},{"fixed":"2.3.3"},{"introduced":"2.4.0"},{"fixed":"2.4.2"}]}}],"versions":["v2.3.0","v2.3.1","v2.3.2","v2.4.0","v2.4.1"],"database_specific":{"vanir_signatures":[{"deprecated":false,"target":{"file":"tensorflow/core/kernels/count_ops.cc"},"source":"https://github.com/tensorflow/tensorflow/commit/c57c0b9f3a4f8684f3489dd9a9ec627ad8b599f5","signature_version":"v1","digest":{"line_hashes":["313716304609630462537964321808569552996","294046419860844613296446090524561231385","199803823294206664962489038162650178464","325396247946547538862276611245534536283","52002578415741612972900352450237940675"],"threshold":0.9},"id":"CVE-2021-29521-f54e40af","signature_type":"Line"}],"vanir_signatures_modified":"2026-04-12T02:45:42Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-29521.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}