Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpmN2gtN204NS13MnYy
Integer overflow in TFLite memory allocation
Impact
The TFLite code for allocating TFLiteIntArray
s is vulnerable to an integer overflow issue:
int TfLiteIntArrayGetSizeInBytes(int size) {
static TfLiteIntArray dummy;
return sizeof(dummy) + sizeof(dummy.data[0]) * size;
}
An attacker can craft a model such that the size
multiplier is so large that the return value overflows the int
datatype and becomes negative. In turn, this results in invalid value being given to malloc
:
TfLiteIntArray* TfLiteIntArrayCreate(int size) {
TfLiteIntArray* ret = (TfLiteIntArray*)malloc(TfLiteIntArrayGetSizeInBytes(size));
ret->size = size;
return ret;
}
In this case, ret->size
would dereference an invalid pointer.
Patches
We have patched the issue in GitHub commit 7c8cc4ec69cd348e44ad6a2699057ca88faad3e5.
The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by members of the Aivul Team from Qihoo 360.
Permalink: https://github.com/advisories/GHSA-jf7h-7m85-w2v2JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpmN2gtN204NS13MnYy
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: almost 3 years ago
Updated: over 1 year ago
CVSS Score: 7.1
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Identifiers: GHSA-jf7h-7m85-w2v2, CVE-2021-29605
References:
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jf7h-7m85-w2v2
- https://nvd.nist.gov/vuln/detail/CVE-2021-29605
- https://github.com/tensorflow/tensorflow/commit/7c8cc4ec69cd348e44ad6a2699057ca88faad3e5
- https://github.com/advisories/GHSA-jf7h-7m85-w2v2
Blast Radius: 34.6
Affected Packages
pypi:tensorflow
Dependent packages: 1,733Dependent repositories: 73,755
Downloads: 22,560,575 last month
Affected Version Ranges: >= 2.4.0, < 2.4.2, >= 2.3.0, < 2.3.3, >= 2.2.0, < 2.2.3, < 2.1.4
Fixed in: 2.4.2, 2.3.3, 2.2.3, 2.1.4
All affected versions: 0.12.0, 0.12.1, 1.0.0, 1.0.1, 1.1.0, 1.2.0, 1.2.1, 1.3.0, 1.4.0, 1.4.1, 1.5.0, 1.5.1, 1.6.0, 1.7.0, 1.7.1, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.12.2, 1.12.3, 1.13.1, 1.13.2, 1.14.0, 1.15.0, 1.15.2, 1.15.3, 1.15.4, 1.15.5, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1
All unaffected versions: 2.1.4, 2.2.3, 2.3.3, 2.3.4, 2.4.2, 2.4.3, 2.4.4, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.7.0, 2.7.1, 2.7.2, 2.7.3, 2.7.4, 2.8.0, 2.8.1, 2.8.2, 2.8.3, 2.8.4, 2.9.0, 2.9.1, 2.9.2, 2.9.3, 2.10.0, 2.10.1, 2.11.0, 2.11.1, 2.12.0, 2.12.1, 2.13.0, 2.13.1, 2.14.0, 2.14.1, 2.15.0, 2.15.1, 2.16.1