diff --git a/CVE-2021-29608.patch b/CVE-2021-29608.patch
new file mode 100644
index 0000000000000000000000000000000000000000..bde84009441ffa03b2690f08b414503f66e681f1
--- /dev/null
+++ b/CVE-2021-29608.patch
@@ -0,0 +1,130 @@
+From 9459f1d5fe9c102ae867d40443679bca22116653 Mon Sep 17 00:00:00 2001
+From: Amit Patankar <amitpatankar@google.com>
+Date: Thu, 15 Apr 2021 13:28:49 -0700
+Subject: [PATCH] Fix cve: CVE-2021-29608 Log: Heap OOB and null pointer
+ dereference in `RaggedTensorToTensor`
+
+Refenence:
+https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rgvq-pcvf-hx75
+https://github.com/tensorflow/tensorflow/commit/f94ef358bb3e91d517446454edff6535bcfe8e4a
+https://github.com/tensorflow/tensorflow/commit/c4d7afb6a5986b04505aca4466ae1951686c80f6
+https://github.com/tensorflow/tensorflow/commit/b761c9b652af2107cfbc33efd19be0ce41daa33e
+
+diff --git a/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc b/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc
+index d729c43f..1e8bd137 100644
+--- a/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc
++++ b/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc
+@@ -207,7 +207,7 @@ class RaggedTensorToTensorBaseOp : public OpKernel {
+     DCHECK_EQ(result->size(), first_dimension);
+   }
+ 
+-  void CalculateOutputIndexRowSplit(
++  Status CalculateOutputIndexRowSplit(
+       const RowPartitionTensor& row_split,
+       const vector<INDEX_TYPE>& parent_output_index,
+       INDEX_TYPE output_index_multiplier, INDEX_TYPE output_size,
+@@ -232,9 +232,11 @@ class RaggedTensorToTensorBaseOp : public OpKernel {
+         result->push_back(-1);
+       }
+     }
+-    if (row_split_size > 0) {
+-      DCHECK_EQ(result->size(), row_split(row_split_size - 1));
++    if (row_split_size > 0 && result->size() != row_split(row_split_size - 1)) {
++      return errors::InvalidArgument("Invalid row split size.");
+     }
++
++    return Status::OK();
+   }
+ 
+   // Calculate the output index of the first element of a list.
+@@ -258,7 +260,7 @@ class RaggedTensorToTensorBaseOp : public OpKernel {
+   // result[6] = -1 because parent_output_index[value_rowids[6]] == -1
+   // result[7] = -1 because parent_output_index[value_rowids[6]] == -1
+   // result[8] = parent_output_index[value_rowids[7]]
+-  void CalculateOutputIndexValueRowID(
++  Status CalculateOutputIndexValueRowID(
+       const RowPartitionTensor& value_rowids,
+       const vector<INDEX_TYPE>& parent_output_index,
+       INDEX_TYPE output_index_multiplier, INDEX_TYPE output_size,
+@@ -266,12 +268,18 @@ class RaggedTensorToTensorBaseOp : public OpKernel {
+     const INDEX_TYPE index_size = value_rowids.size();
+     result->reserve(index_size);
+     if (index_size == 0) {
+-      return;
++      return Status::OK();
+     }
+ 
+     INDEX_TYPE current_output_column = 0;
+     INDEX_TYPE current_value_rowid = value_rowids(0);
+-    DCHECK_LT(current_value_rowid, parent_output_index.size());
++
++    if (current_value_rowid >= parent_output_index.size()) {
++      return errors::InvalidArgument(
++          "Got current_value_rowid=", current_value_rowid,
++          " which is not less than ", parent_output_index.size());
++    }
++
+     INDEX_TYPE current_output_index = parent_output_index[current_value_rowid];
+     result->push_back(current_output_index);
+     for (INDEX_TYPE i = 1; i < index_size; ++i) {
+@@ -288,12 +296,23 @@ class RaggedTensorToTensorBaseOp : public OpKernel {
+       } else {
+         current_output_column = 0;
+         current_value_rowid = next_value_rowid;
+-        DCHECK_LT(next_value_rowid, parent_output_index.size());
++
++        if (next_value_rowid >= parent_output_index.size()) {
++          return errors::InvalidArgument(
++              "Got next_value_rowid=", next_value_rowid,
++              " which is not less than ", parent_output_index.size());
++        }
++
+         current_output_index = parent_output_index[next_value_rowid];
+       }
+       result->push_back(current_output_index);
+     }
+-    DCHECK_EQ(result->size(), value_rowids.size());
++
++    if (result->size() != value_rowids.size()) {
++      return errors::InvalidArgument("Invalid row ids.");
++    }
++
++    return Status::OK();
+   }
+ 
+   Status CalculateOutputIndex(OpKernelContext* context, int dimension,
+@@ -306,15 +325,13 @@ class RaggedTensorToTensorBaseOp : public OpKernel {
+     auto partition_type = GetRowPartitionTypeByDimension(dimension);
+     switch (partition_type) {
+       case RowPartitionType::VALUE_ROWIDS:
+-        CalculateOutputIndexValueRowID(
++        return CalculateOutputIndexValueRowID(
+             row_partition_tensor, parent_output_index, output_index_multiplier,
+             output_size, result);
+-        return tensorflow::Status::OK();
+       case RowPartitionType::ROW_SPLITS:
+-        CalculateOutputIndexRowSplit(row_partition_tensor, parent_output_index,
+-                                     output_index_multiplier, output_size,
+-                                     result);
+-        return tensorflow::Status::OK();
++        return CalculateOutputIndexRowSplit(
++            row_partition_tensor, parent_output_index, output_index_multiplier,
++            output_size, result);
+       default:
+         return errors::InvalidArgument(
+             "Unsupported partition type:",
+@@ -345,6 +362,11 @@ class RaggedTensorToTensorBaseOp : public OpKernel {
+ 
+   void Compute(OpKernelContext* context) override {
+     INDEX_TYPE first_dimension;
++    const Tensor first_partition_tensor =
++        context->input(kFirstPartitionInputIndex);
++    OP_REQUIRES(context, first_partition_tensor.NumElements() > 0,
++                errors::InvalidArgument("Invalid first partition input. Tensor "
++                                        "requires at least one element."));
+     OP_REQUIRES_OK(context, GetFirstDimensionSize(context, &first_dimension));
+     vector<INDEX_TYPE> output_size;
+     OP_REQUIRES_OK(context,
+-- 
+2.20.1
+
diff --git a/tensorflow.spec b/tensorflow.spec
index 2c308c56fbcc525daaa4bee618b2415e8c09ae94..79a10f3f8e1c110932bf74c834863e40ad58669b 100644
--- a/tensorflow.spec
+++ b/tensorflow.spec
@@ -1,7 +1,7 @@
 %global _empty_manifest_terminate_build 0
 Name:		tensorflow
 Version:	2.3.1
-Release:	4
+Release:	5
 Summary:	An Open Source Machine Learning Framework for Everyone
 License:	Apache License 2.0
 URL:		https://www.tensorflow.org/
@@ -13,7 +13,9 @@ Patch0001:      0001-Add-arm-source-file-into-aws-checksums.patch
 Patch0002:      CVE-2021-29538.patch
 Patch0003:      CVE-2021-29535.patch
 Patch0004:      CVE-2021-29566.patch
-Patch0005:	CVE-2021-29534.patch
+Patch0005:      CVE-2021-29534.patch
+Patch0006:      CVE-2021-29608.patch
+
 Requires:	python3-future
 Requires:	python3-numpy
 
@@ -60,6 +62,9 @@ bazel --output_user_root=`pwd`/../output_user_root build //tensorflow/tools/pip_
 %{_bindir}/*
 
 %changelog
+* Thu Jul 08 2021 wangqing <wangqing@uniontech.com> - 2.3.1-5
+- Add patch CVE-2021-29608
+
 * Mon Jun 28 2021 polite2anyone <zhangyao05@outlook,com> - 2.3.1-4
 - Add patch CVE-2021-29534