CVE-2021-29601: Integer overflow in TFLite concatenation
The TFLite implementation of concatenation is vulnerable to an integer overflow issue:
```cpp
for (int d = 0; d < t0->dims->size; ++d) {
  if (d == axis) {
    // Unchecked signed addition of a model-controlled dimension.
    sum_axis += t->dims->data[axis];
  } else {
    TF_LITE_ENSURE_EQ(context, t->dims->data[d], t0->dims->data[d]);
  }
}
```
An attacker can craft a model such that the dimensions of one of the concatenation inputs overflow the values of `int`. TFLite uses `int` to represent tensor dimensions, whereas TF uses `int64`. Hence, valid TF models can trigger an integer overflow when converted to TFLite format.
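A bounds-checked form of the accumulation above, as an added example that is neither the TensorFlow patch nor code from the advisory. `shape_t`, `concat_axis_extent` and the sample shapes are hypothetical names and constructed values.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for a tensor shape; not TFLite's own type. */
typedef struct {
    int size;        /* number of dimensions */
    const int *data; /* extent of each dimension */
} shape_t;

/* Output extent along `axis` when concatenating `n` inputs, or -1 if the
 * shapes disagree, an extent is negative, or the sum would exceed INT_MAX. */
int concat_axis_extent(const shape_t *in, size_t n, int axis)
{
    if (n == 0 || axis < 0 || axis >= in[0].size)
        return -1;
    int sum_axis = 0;
    for (size_t i = 0; i < n; ++i) {
        if (in[i].size != in[0].size)
            return -1;
        for (int d = 0; d < in[0].size; ++d) {
            int extent = in[i].data[d];
            if (d == axis) {
                /* Test before adding: signed overflow is undefined in C. */
                if (extent < 0 || extent > INT_MAX - sum_axis)
                    return -1;
                sum_axis += extent;
            } else if (extent != in[0].data[d]) {
                return -1;
            }
        }
    }
    return sum_axis;
}

/* Constructed sample shapes; the second pair sums past INT_MAX on axis 1. */
static const int ok_a[] = {2, 3}, ok_b[] = {2, 5};
static const int big_a[] = {2, INT_MAX - 1}, big_b[] = {2, 2};
static const shape_t ok_inputs[] = {{2, ok_a}, {2, ok_b}};
static const shape_t big_inputs[] = {{2, big_a}, {2, big_b}};

int main(void)
{
    printf("ok:  %d\n", concat_axis_extent(ok_inputs, 2, 1));
    printf("big: %d\n", concat_axis_extent(big_inputs, 2, 1));
    return 0;
}
```

The comparison `extent > INT_MAX - sum_axis` stays within range because `sum_axis` is never negative, so the check itself cannot overflow.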
References
- github.com/advisories/GHSA-9c84-4hx6-xmm4
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-529.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-727.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-238.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/7b7352a724b690b11bfaae2cd54bc3907daf6285/tensorflow/lite/kernels/concatenation.cc
- github.com/tensorflow/tensorflow/commit/4253f96a58486ffe84b61c0415bb234a4632ee73
- github.com/tensorflow/tensorflow/security/advisories/GHSA-9c84-4hx6-xmm4
- nvd.nist.gov/vuln/detail/CVE-2021-29601