CVE-2021-37686: Infinite loop in TFLite
The strided slice implementation in TFLite has a logic bug which can allow an attacker to trigger an infinite loop. This arises from newly introduced support for ellipsis in axis definition:

    for (int i = 0; i < effective_dims;) {
      if ((1 << i) & op_context->params->ellipsis_mask) {
        // ...
        int ellipsis_end_idx =
            std::min(i + 1 + num_add_axis + op_context->input_dims - begin_count,
                     effective_dims);
        // ...
        for (; i < ellipsis_end_idx; ++i) {
          // ...
        }
        continue;
      }
      // ...
      ++i;
    }

An attacker can craft a model such that ellipsis_end_idx is smaller than i (e.g., always negative). In this case, the inner loop does not increase i and the continue statement causes execution to skip over the preincrement at the end of the outer loop, so i never advances and the outer loop never terminates.
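
The stall described above can be observed in isolation with the loop reduced to its control flow. This is an added example, not TFLite's code and not the upstream patch: SliceParams, WalkAxes, the step budget and the guard are assumptions made for illustration, and the inputs are constructed.

```cpp
#include <algorithm>
#include <cstdio>

// Hypothetical stand-in for the values the advisory's loop reads.
struct SliceParams {
  int ellipsis_mask, num_add_axis, input_dims, begin_count, effective_dims;
};

enum class Walk { kDone, kStuck, kRejected };

// Walks the axis loop from the advisory. With guard=false it behaves like the
// excerpt; max_steps only exists so a stalled loop can be observed and stopped.
// With guard=true an ellipsis range that cannot advance i is rejected.
Walk WalkAxes(const SliceParams& p, bool guard, int max_steps = 1000) {
  int steps = 0;
  for (int i = 0; i < p.effective_dims;) {
    if (++steps > max_steps) return Walk::kStuck;
    if ((1 << i) & p.ellipsis_mask) {
      int ellipsis_end_idx =
          std::min(i + 1 + p.num_add_axis + p.input_dims - p.begin_count,
                   p.effective_dims);
      // Added check: end <= i means the inner loop runs zero times.
      if (guard && ellipsis_end_idx <= i) return Walk::kRejected;
      for (; i < ellipsis_end_idx; ++i) {
        // per-axis work elided
      }
      continue;
    }
    ++i;
  }
  return Walk::kDone;
}

// Constructed inputs, not taken from any real model.
const SliceParams kBenign{0x2, 0, 4, 3, 4};    // ellipsis covers axes 1..2
const SliceParams kStalled{0x1, 0, 1, 8, 4};   // ellipsis_end_idx = -6
const SliceParams kBoundary{0x1, 0, 1, 2, 4};  // ellipsis_end_idx == i == 0

int main() {
  const SliceParams* cases[] = {&kBenign, &kStalled, &kBoundary};
  for (const SliceParams* c : cases)
    std::printf("unguarded=%d guarded=%d\n",
                static_cast<int>(WalkAxes(*c, false)),
                static_cast<int>(WalkAxes(*c, true)));
  return 0;
}
```

The kBoundary case shows that an end index equal to i stalls the loop just as a negative one does, which is why the guard compares with <= rather than <.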
References
- github.com/advisories/GHSA-mhhc-q96p-mfm9
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-599.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-797.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-308.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695
- github.com/tensorflow/tensorflow/releases/tag/v2.3.4
- github.com/tensorflow/tensorflow/releases/tag/v2.4.3
- github.com/tensorflow/tensorflow/releases/tag/v2.5.1
- github.com/tensorflow/tensorflow/releases/tag/v2.6.0
- github.com/tensorflow/tensorflow/security/advisories/GHSA-mhhc-q96p-mfm9
- nvd.nist.gov/vuln/detail/CVE-2021-37686