## TFSA-2021-069: Segfault in `CTCBeamSearchDecoder`

### CVE Number
CVE-2021-29581

### Impact
Due to lack of validation in `tf.raw_ops.CTCBeamSearchDecoder`, an attacker can
trigger denial of service via segmentation faults:

```python
import tensorflow as tf

# The last dimension of the shape is 0, so `inputs` is an empty tensor.
inputs = tf.constant([], shape=[18, 8, 0], dtype=tf.float32)
sequence_length = tf.constant([11, -43, -92, 11, -89, -83, -35, -100],
                              shape=[8], dtype=tf.int32)
beam_width = 10
top_paths = 3
merge_repeated = True

tf.raw_ops.CTCBeamSearchDecoder(
  inputs=inputs, sequence_length=sequence_length, beam_width=beam_width,
  top_paths=top_paths, merge_repeated=merge_repeated)
```

The
[implementation](https://github.com/tensorflow/tensorflow/blob/a74768f8e4efbda4def9f16ee7e13cf3922ac5f7/tensorflow/core/kernels/ctc_decoder_ops.cc#L68-L79)
fails to detect cases when the input tensor is empty and proceeds to read data
from a null buffer.

### Patches
We have patched the issue in GitHub commit
[b1b323042264740c398140da32e93fb9c2c9f33e](https://github.com/tensorflow/tensorflow/commit/b1b323042264740c398140da32e93fb9c2c9f33e).

The fix will be included in TensorFlow 2.5.0. We will also cherrypick this
commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow
2.1.4, as these are also affected and still in supported range.

### For more information
Please consult [our security
guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for
more information regarding the security model and how to contact us with issues
and questions.

### Attribution
This vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu
X-Team.
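
The Impact section says the kernel does not reject an empty input tensor. The following caller-side guard is an added example, not part of the advisory and not TensorFlow's patch; the function names are hypothetical, the range checks on `sequence_length`, `beam_width` and `top_paths` are assumptions of this example, and it works on plain shapes and integers so it runs without TensorFlow.

```python
def check_ctc_decoder_args(inputs_shape, sequence_length, beam_width, top_paths):
    """Return a list of problems; an empty list means the call may proceed.

    inputs_shape    -- shape of `inputs`: (max_time, batch_size, num_classes)
    sequence_length -- iterable of ints, one entry per batch element
    """
    shape = tuple(int(d) for d in inputs_shape)
    if len(shape) != 3:
        return [f"inputs must be 3-D, got rank {len(shape)}"]
    max_time, batch_size, _num_classes = shape
    problems = []

    # The case from the advisory: a zero dimension means the tensor has no
    # elements, so there is no data for the kernel to read.
    if 0 in shape:
        problems.append(f"inputs is empty (shape {list(shape)})")

    lengths = [int(n) for n in sequence_length]
    if len(lengths) != batch_size:
        problems.append(
            f"sequence_length has {len(lengths)} entries, batch_size is {batch_size}")

    # Assumption of this example: each length must lie in [0, max_time].
    bad = [n for n in lengths if not 0 <= n <= max_time]
    if bad:
        problems.append(f"sequence_length values out of range: {bad}")

    # Assumption of this example: 1 <= top_paths <= beam_width.
    if beam_width < 1 or not 1 <= top_paths <= beam_width:
        problems.append(
            f"need 1 <= top_paths <= beam_width, got {top_paths} and {beam_width}")
    return problems


def require_valid_ctc_decoder_args(*args):
    """Raise ValueError instead of letting bad arguments reach the op."""
    problems = check_ctc_decoder_args(*args)
    if problems:
        raise ValueError("; ".join(problems))


if __name__ == "__main__":
    # Argument values taken from the reproducer in the advisory.
    for p in check_ctc_decoder_args(
            (18, 8, 0), [11, -43, -92, 11, -89, -83, -35, -100], 10, 3):
        print("rejected:", p)
```

The guard is a stopgap for callers that pass untrusted shapes; the patched releases listed under Patches are the fix.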