CVE-2021-41199: Overflow/crash in `tf.image.resize` when size is large
(updated )
If tf.image.resize is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow.
import tensorflow as tf
import numpy as np
tf.keras.layers.UpSampling2D(
size=1610637938,
data_format='channels_first',
interpolation='bilinear')(np.ones((5,1,1,1)))
The number of elements in the output tensor is too much for the int64_t type and the overflow is detected via a CHECK statement. This aborts the process.
References
- github.com/advisories/GHSA-5hx2-qx8j-qjqm
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-609.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-807.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-392.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/commit/e5272d4204ff5b46136a1ef1204fc00597e21837
- github.com/tensorflow/tensorflow/issues/46914
- github.com/tensorflow/tensorflow/security/advisories/GHSA-5hx2-qx8j-qjqm
- nvd.nist.gov/vuln/detail/CVE-2021-41199
Detect and mitigate CVE-2021-41199 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →