CVE-2022-23557: Division by zero in TFLite
(updated )
An attacker can craft a TFLite model that would trigger a division by zero in BiasAndClamp implementation:
inline void BiasAndClamp(float clamp_min, float clamp_max, int bias_size,
const float* bias_data, int array_size,
float* array_data) {
// ...
TFLITE_DCHECK_EQ((array_size % bias_size), 0);
// ...
}
There is no check that the bias_size is non zero.
References
- github.com/advisories/GHSA-gf2j-f278-xh4v
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-66.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-121.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/internal/common.h
- github.com/tensorflow/tensorflow/commit/8c6f391a2282684a25cbfec7687bd5d35261a209
- github.com/tensorflow/tensorflow/security/advisories/GHSA-gf2j-f278-xh4v
- nvd.nist.gov/vuln/detail/CVE-2022-23557
Detect and mitigate CVE-2022-23557 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →