Miggo Logo

CVE-2021-29559: Heap OOB access in unicode ops

2.5

CVSS Score
3.1

Basic Information

EPSS Score
0.0259%
Published
5/21/2021
Updated
10/31/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Package NameEcosystemVulnerable VersionsFirst Patched Version
tensorflowpip< 2.1.42.1.4
tensorflowpip>= 2.2.0, < 2.2.32.2.3
tensorflowpip>= 2.3.0, < 2.3.32.3.3
tensorflowpip>= 2.4.0, < 2.4.22.4.2
tensorflow-cpupip< 2.1.42.1.4
tensorflow-cpupip>= 2.2.0, < 2.2.32.2.3
tensorflow-cpupip>= 2.3.0, < 2.3.32.3.3
tensorflow-cpupip>= 2.4.0, < 2.4.22.4.2
tensorflow-gpupip< 2.1.42.1.4
tensorflow-gpupip>= 2.2.0, < 2.2.32.2.3
tensorflow-gpupip>= 2.3.0, < 2.3.32.3.3
tensorflow-gpupip>= 2.4.0, < 2.4.22.4.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from the UnicodeEncodeOp::Compute function's failure to validate input_splits parameters. The commit diff shows critical validation logic was added to this function (OP_REQUIRES checks for split boundaries and ordering). The original code processed input_splits without these safeguards, allowing attackers to craft malicious split/values pairs that access memory beyond the allocated buffer. The direct correlation between the vulnerability description, CWE-125 classification, and the patched code location confirms this function's role.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t *n *tt**k*r **n ****ss **t* outsi** o* *oun*s o* ***p *llo**t** *rr*y in `t*.r*w_ops.Uni*o***n*o**`: ```pyt*on import t*nsor*low *s t* input_v*lu*s = t*.*onst*nt([**], s**p*=[*], *typ*=t*.int**) input_splits = t*.*onst*nt([[**, ***, *]],

Reasoning

T** vuln*r**ility st*ms *rom t** Uni*o***n*o**Op::*omput* *un*tion's **ilur* to v*li**t* input_splits p*r*m*t*rs. T** *ommit *i** s*ows *riti**l v*li**tion lo*i* w*s ***** to t*is *un*tion (OP_R*QUIR*S ****ks *or split *oun**ri*s *n* or**rin*). T** o