CVE-2021-41198: Overflow/crash in `tf.tile` when tiling tensor is large
(updated )
If tf.tile is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow.
import tensorflow as tf
import numpy as np
tf.keras.backend.tile(x=np.ones((1,1,1)), n=[100000000,100000000, 100000000])
The number of elements in the output tensor is too much for the int64_t type and the overflow is detected via a CHECK statement. This aborts the process.
References
- github.com/advisories/GHSA-2p25-55c9-h58q
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-608.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-806.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-391.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/commit/9294094df6fea79271778eb7e7ae1bad8b5ef98f
- github.com/tensorflow/tensorflow/issues/46911
- github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q
- nvd.nist.gov/vuln/detail/CVE-2021-41198
Detect and mitigate CVE-2021-41198 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →