Описание
Division by zero in Conv3D
Impact
A malicious user could trigger a division by 0 in Conv3D implementation:
The implementation does a modulo operation based on user controlled input:
Thus, when filter has a 0 as the fifth element, this results in a division by 0.
Additionally, if the shape of the two tensors is not valid, an Eigen assertion can be triggered, resulting in a program crash:
The shape of the two tensors must follow the constraints specified in the op description.
Patches
We have patched the issue in GitHub commit 799f835a3dfa00a4d852defa29b15841eea9d64f.
The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.
Ссылки
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-772p-x54p-hjrv
- https://nvd.nist.gov/vuln/detail/CVE-2021-29517
- https://github.com/tensorflow/tensorflow/commit/799f835a3dfa00a4d852defa29b15841eea9d64f
- https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-445.yaml
- https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-643.yaml
- https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-154.yaml
Пакеты
tensorflow
< 2.1.4
2.1.4
tensorflow
>= 2.2.0, < 2.2.3
2.2.3
tensorflow
>= 2.3.0, < 2.3.3
2.3.3
tensorflow
>= 2.4.0, < 2.4.2
2.4.2
tensorflow-cpu
< 2.1.4
2.1.4
tensorflow-cpu
>= 2.2.0, < 2.2.3
2.2.3
tensorflow-cpu
>= 2.3.0, < 2.3.3
2.3.3
tensorflow-cpu
>= 2.4.0, < 2.4.2
2.4.2
tensorflow-gpu
< 2.1.4
2.1.4
tensorflow-gpu
>= 2.2.0, < 2.2.3
2.2.3
tensorflow-gpu
>= 2.3.0, < 2.3.3
2.3.3
tensorflow-gpu
>= 2.4.0, < 2.4.2
2.4.2
Связанные уязвимости
TensorFlow is an end-to-end open source platform for machine learning. A malicious user could trigger a division by 0 in `Conv3D` implementation. The implementation(https://github.com/tensorflow/tensorflow/blob/42033603003965bffac51ae171b51801565e002d/tensorflow/core/kernels/conv_ops_3d.cc#L143-L145) does a modulo operation based on user controlled input. Thus, when `filter` has a 0 as the fifth element, this results in a division by 0. Additionally, if the shape of the two tensors is not valid, an Eigen assertion can be triggered, resulting in a program crash. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
TensorFlow is an end-to-end open source platform for machine learning. ...