CVE-2021-29601: Integer overflow in TFLite concatentation
(updated )
The TFLite implementation of concatenation is vulnerable to an integer overflow issue:
for (int d = 0; d < t0->dims->size; ++d) {
if (d == axis) {
sum_axis += t->dims->data[axis];
} else {
TF_LITE_ENSURE_EQ(context, t->dims->data[d], t0->dims->data[d]);
}
}
An attacker can craft a model such that the dimensions of one of the concatenation input overflow the values of int. TFLite uses int to represent tensor dimensions, whereas TF uses int64. Hence, valid TF models can trigger an integer overflow when converted to TFLite format.
References
- github.com/advisories/GHSA-9c84-4hx6-xmm4
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-529.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-727.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-238.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/7b7352a724b690b11bfaae2cd54bc3907daf6285/tensorflow/lite/kernels/concatenation.cc
- github.com/tensorflow/tensorflow/commit/4253f96a58486ffe84b61c0415bb234a4632ee73
- github.com/tensorflow/tensorflow/security/advisories/GHSA-9c84-4hx6-xmm4
- nvd.nist.gov/vuln/detail/CVE-2021-29601
Code Behaviors & Features
Detect and mitigate CVE-2021-29601 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →