exploitDog

CVE-2021-33648

Опубликовано: 27 июн. 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape which allocated from heap buffers.

Ссылки

https://gitee.com/mindspore/community/blob/master/security/security_advisory_list/mssa-2021-007_en.md
Patch
Third Party Advisory
https://gitee.com/mindspore/community/blob/master/security/security_advisory_list/mssa-2021-007_en.md
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mindspore:mindspore:*:*:*:*:*:openeuler:*:*

Версия от 1.1.0 (включая) до 1.3.0 (исключая)

EPSS

Процентиль: 54%

0.00316

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125

CWE-125

Связанные уязвимости

GHSA-cwmv-7w7j-38cc

CVSS3: 7.5

github

больше 3 лет назад

When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape which allocated from heap buffers.

EPSS

Процентиль: 54%

0.00316

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125

CWE-125