CVE-2022-21741: Division by zero in TFLite
(updated )
An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions.
The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is stricly positive.
References
- github.com/advisories/GHSA-428x-9xc2-m8mj
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-65.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-120.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/depthwise_conv.cc
- github.com/tensorflow/tensorflow/commit/e5b0eec199c2d03de54fd6a7fd9275692218e2bc
- github.com/tensorflow/tensorflow/security/advisories/GHSA-428x-9xc2-m8mj
- nvd.nist.gov/vuln/detail/CVE-2022-21741
Code Behaviors & Features
Detect and mitigate CVE-2022-21741 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →