CVE-2021-41216: Heap buffer overflow in `Transpose`
(updated )
The shape inference function for Transpose is vulnerable to a heap buffer overflow:
import tensorflow as tf
@tf.function
def test():
y = tf.raw_ops.Transpose(x=[1,2,3,4],perm=[-10])
return y
test()
This occurs whenever perm contains negative elements. The shape inference function does not validate that the indices in perm are all valid:
for (int32_t i = 0; i < rank; ++i) {
int64_t in_idx = data[i];
if (in_idx >= rank) {
return errors::InvalidArgument("perm dim ", in_idx,
" is out of range of input rank ", rank);
}
dims[i] = c->Dim(input, in_idx);
}
where Dim(tensor, index) accepts either a positive index less than the rank of the tensor or the special value -1 for unknown dimensions.
References
- github.com/advisories/GHSA-3ff2-r28g-w7h9
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-625.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-823.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-408.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/ops/array_ops.cc
- github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14
- github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9
- nvd.nist.gov/vuln/detail/CVE-2021-41216
Detect and mitigate CVE-2021-41216 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →