CVE-2021-29529

Опубликовано: 14 мая 2021

Источник: nvd

CVSS3: 2.5

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in tf.raw_ops.QuantizedResizeBilinear by manipulating input values so that float rounding results in off-by-one error in accessing image elements. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/44b7f486c0143f68b56c34e2d01e146ee445134a/tensorflow/core/kernels/quantized_resize_bilinear_op.cc#L62-L66) computes two integers (representing the upper and lower bounds for interpolation) by ceiling and flooring a floating point value. For some values of in, interpolation->upper[i] might be smaller than interpolation->lower[i]. This is an issue if interpolation->upper[i] is capped at in_size-1 as it means that interpolation->lower[i] points outside of the image. Then, in the interpolation code(https://github.com/tensorflow/tensorflow/blob/44b7f486c0143f68b56c34e2d01e146ee445134a/tensorflow/core/kernels/quantized_resize_bilinear_op.c

Ссылки

https://github.com/tensorflow/tensorflow/commit/f851613f8f0fb0c838d160ced13c134f778e3ce7
Patch
Third Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jfp7-4j67-8r3q
Exploit
Patch
Third Party Advisory
https://github.com/tensorflow/tensorflow/commit/f851613f8f0fb0c838d160ced13c134f778e3ce7
Patch
Third Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jfp7-4j67-8r3q
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*

Версия до 2.1.4 (исключая)

cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*

Версия от 2.2.0 (включая) до 2.2.3 (исключая)

cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*

Версия от 2.3.0 (включая) до 2.3.3 (исключая)

cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*

Версия от 2.4.0 (включая) до 2.4.2 (исключая)

EPSS

Процентиль: 14%

0.00047

Низкий

2.5 Low

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-131

CWE-193

Связанные уязвимости

CVE-2021-29529

CVSS3: 2.5

debian

больше 4 лет назад

TensorFlow is an end-to-end open source platform for machine learning. ...

GHSA-jfp7-4j67-8r3q

CVSS3: 2.5

github

больше 4 лет назад

Heap buffer overflow caused by rounding

EPSS

Процентиль: 14%

0.00047

Низкий

2.5 Low

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-131

CWE-193