漏洞标题
TFLite的`Minimum`或`Maximum`实现中的堆溢出读取
漏洞描述信息
TFLite实现的`Minimum`或`Maximum`中的堆溢出读取
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
漏洞类别
N/A
漏洞标题
Heap OOB read in TFLite's implementation of `Minimum` or `Maximum`
漏洞描述信息
TensorFlow is an end-to-end open source platform for machine learning. The implementations of the `Minimum` and `Maximum` TFLite operators can be used to read data outside of bounds of heap allocated objects, if any of the two input tensor arguments are empty. This is because the broadcasting implementation(https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/internal/reference/maximum_minimum.h#L52-L56) indexes in both tensors with the same index but does not validate that the index is within bounds. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
CVSS信息
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
漏洞类别
跨界内存读
漏洞标题
Google TensorFlow 缓冲区错误漏洞
漏洞描述信息
Google TensorFlow是美国谷歌(Google)公司的一套用于机器学习的端到端开源平台。 TensorFlow 2.4.2,2.3.3,2.2.3,2.1.4存在安全漏洞,该漏洞源于Minimum和Maximum TFLite操作符的实现可以用于读取堆分配对象边界之外的数据,如果两个输入张量参数中的任何一个是空的。这是因为索引无法验证索引是否在范围内。
CVSS信息
N/A
漏洞类别
缓冲区错误