CVE-2021-29603: Heap OOB write in TFLite
(updated )
A specially crafted TFLite model could trigger an OOB write on heap in the TFLite implementation of ArgMin
/ArgMax
:
TfLiteIntArray* output_dims = TfLiteIntArrayCreate(NumDimensions(input) - 1);
int j = 0;
for (int i = 0; i < NumDimensions(input); ++i) {
if (i != axis_value) {
output_dims->data[j] = SizeOfDimension(input, i);
++j;
}
}
If axis_value
is not a value between 0 and NumDimensions(input)
, then the condition in the if
is never true, so code writes past the last valid element of output_dims->data
.
References
- github.com/advisories/GHSA-crch-j389-5f84
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-531.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-729.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-240.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/102b211d892f3abc14f845a72047809b39cc65ab/tensorflow/lite/kernels/arg_min_max.cc
- github.com/tensorflow/tensorflow/commit/c59c37e7b2d563967da813fa50fe20b21f4da683
- github.com/tensorflow/tensorflow/security/advisories/GHSA-crch-j389-5f84
- nvd.nist.gov/vuln/detail/CVE-2021-29603
Detect and mitigate CVE-2021-29603 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →