Lucene search

K
freebsdFreeBSD326B2F3E-6FC7-4661-955D-A772760DB9CF
HistoryNov 21, 2022 - 12:00 a.m.

py-tflite -- buffer overflow vulnerability

2022-11-2100:00:00
vuxml.freebsd.org
13
thibaut goetghebuer-planchon
kernel reference
data pointer
buffer overflow
attacker model
input channels
output channels
interpreter
opresolvertype
builtin_ref
vulnerability fix

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

41.6%

Thibaut Goetghebuer-Planchon reports:

The reference kernel of the CONV_3D_TRANSPOSE TensorFlow Lite operator wrongly increments the data_ptr when adding the bias to the result.
Instead of data_ptr += num_channels; it should be data_ptr += output_num_channels; as if the number of input channels is different than the number of output channels, the wrong result will be returned and a buffer overflow will occur if num_channels > output_num_channels.
An attacker can craft a model with a specific number of input channels in a way similar to the attached example script.
It is then possible to write specific values through the bias of the layer outside the bounds of the buffer.
This attack only works if the reference kernel resolver is used in the interpreter (i.e. experimental_op_resolver_type=tf.lite.experimental.OpResolverType.BUILTIN_REF is used).

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

41.6%

Related for 326B2F3E-6FC7-4661-955D-A772760DB9CF