CVE-2021-29592: Null pointer dereference in TFLite's `Reshape` operator
The fix for CVE-2020-15209 missed the case when the target shape of the `Reshape` operator is given by the elements of a 1-D tensor. As such, the fix for the vulnerability allowed passing a null-buffer-backed tensor with a 1-D shape:
```cpp
if (tensor->data.raw == nullptr && tensor->bytes > 0) {
  if (registration.builtin_code == kTfLiteBuiltinReshape && i == 1) {
    // In general, having a tensor here with no buffer will be an error.
    // However, for the reshape operator, the second input tensor is only
    // used for the shape, not for the data. Thus, null buffer is ok.
    continue;
  } else {
    // In all other cases, we need to return an error as otherwise we will
    // trigger a null pointer dereference (likely).
    ReportError("Input tensor %d lacks data", tensor_index);
    return kTfLiteError;
  }
}
```
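The gap in the quoted check can be modelled in isolation. The following is an added example, not TensorFlow's code or its patch: `ModelTensor`, `Op` and the three functions are hypothetical stand-ins, and the tightened condition (keep the exemption only when the shape input is not 1-D) is an assumption drawn from the description above; the actual patch is the commit listed under References.

```cpp
#include <cstddef>
#include <cstdio>

// Simplified stand-ins (hypothetical names, not the TFLite API).
struct ModelTensor {
  const void* raw;    // backing buffer; nullptr when the model supplies none
  std::size_t bytes;  // size the tensor claims to occupy
  int rank;           // number of dimensions
};
enum class Op { kReshape, kOther };

// The check as quoted above: Reshape input 1 is exempt regardless of rank.
bool AcceptAsQuoted(Op op, int i, const ModelTensor& t) {
  if (t.raw == nullptr && t.bytes > 0) {
    return op == Op::kReshape && i == 1;
  }
  return true;
}

// Assumed tightening: keep the exemption only when the shape input is not
// 1-D, because a 1-D shape input has its elements read as the target shape.
bool AcceptTightened(Op op, int i, const ModelTensor& t) {
  if (t.raw == nullptr && t.bytes > 0) {
    return op == Op::kReshape && i == 1 && t.rank != 1;
  }
  return true;
}

// Models the consumer: true when reading the target shape from this tensor's
// elements would go through a null data pointer.
bool ShapeReadHitsNull(const ModelTensor& shape) {
  return shape.rank == 1 && shape.bytes > 0 && shape.raw == nullptr;
}

int main() {
  // Constructed sample: 1-D shape tensor claiming 8 bytes with no buffer.
  const ModelTensor null_vec{nullptr, 8, 1};
  std::printf("quoted check accepts:    %d\n",
              AcceptAsQuoted(Op::kReshape, 1, null_vec));
  std::printf("tightened check accepts: %d\n",
              AcceptTightened(Op::kReshape, 1, null_vec));
  std::printf("shape read hits null:    %d\n", ShapeReadHitsNull(null_vec));
  return 0;
}
```
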
References
- github.com/advisories/GHSA-jjr8-m8g8-p6wv
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-520.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-718.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-229.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/9c1dc920d8ffb4893d6c9d27d1f039607b326743/tensorflow/lite/core/subgraph.cc
- github.com/tensorflow/tensorflow/commit/f8378920345f4f4604202d4ab15ef64b2aceaa16
- github.com/tensorflow/tensorflow/security/advisories/GHSA-jjr8-m8g8-p6wv
- nvd.nist.gov/vuln/detail/CVE-2021-29592