logo

Advisories

Weaknesses

Fixes

Requirements

Compliance

CVE-2021-37686 tensorflow

Package

Manager: pip
Name: tensorflow
Vulnerable Version: >=2.6.0rc0 <2.6.0rc2

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00012 pctl0.01196

Details

Infinite loop in TFLite ### Impact The strided slice implementation in TFLite has a logic bug which can allow an attacker to trigger an infinite loop. This arises from newly introduced support for [ellipsis in axis definition](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/strided_slice.cc#L103-L122): ```cc for (int i = 0; i < effective_dims;) { if ((1 << i) & op_context->params->ellipsis_mask) { // ... int ellipsis_end_idx = std::min(i + 1 + num_add_axis + op_context->input_dims - begin_count, effective_dims); // ... for (; i < ellipsis_end_idx; ++i) { // ... } continue; } // ... ++i; } ``` An attacker can craft a model such that `ellipsis_end_idx` is smaller than `i` (e.g., always negative). In this case, the inner loop does not increase `i` and the `continue` statement causes execution to skip over the preincrement at the end of the outer loop. ### Patches We have patched the issue in GitHub commit [dfa22b348b70bb89d6d6ec0ff53973bacb4f4695](https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695). The fix will be included in TensorFlow 2.6.0. This is the only affected version. ### For more information Please consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions. ### Attribution This vulnerability has been reported by members of the Aivul Team from Qihoo 360.

Metadata

Created: 2021-08-25T14:39:58Z
Modified: 2024-11-13T21:20:55Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-mhhc-q96p-mfm9/GHSA-mhhc-q96p-mfm9.json
CWE IDs: ["CWE-835"]
Alternative ID: GHSA-mhhc-q96p-mfm9
Finding: F138
Auto approve: 1