Miggo Logo
Miggo Vulnerability Database
CVE-2018-8825

CVE-2018-8825: Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow

8.8

CVSS Score
3.0

Basic Information

CVE ID
CVE-2018-8825
GHSA ID
GHSA-frxx-2m33-6wcr
EPSS Score
0.47773%
CWE
CWE-119
Published
4/24/2019
Updated
10/28/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
tensorflowpip>= 1.5.0, < 1.7.11.7.1
tensorflow-gpupip>= 1.5.0, < 1.7.11.7.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from insufficient FlatBuffer validation in TOCO. The patch added critical checks in 4 key areas: 1) import.cc verification was strengthened by using tflite::Verify instead of a weak custom check. 2) verifier.cc gained buffer existence checks (model->buffers()), 3) operator input/output validation, and 4) operator code range validation. These missing pre-patch checks directly enabled buffer overflows through malformed TFLite graphs, as confirmed by the CVE description and patch diffs showing added validation logic.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*oo*l* T*nsor*low *.* *n* **low is *****t** *y: *u***r Ov*r*low. T** imp**t is: *x**ut* *r*itr*ry *o** (lo**l). Us*rs p*ssin* * m*l*orm** or m*li*ious v*rsion o* * T*Lit* *r*p* into TO*O will **us* TO*O to *r*s* or **us* * *u***r ov*r*low, pot*nti*ll

Reasoning

T** vuln*r**ility st*mm** *rom insu**i*i*nt *l*t*u***r v*li**tion in TO*O. T** p*t** ***** *riti**l ****ks in * k*y *r**s: *) `import.**` v*ri*i**tion w*s str*n*t**n** *y usin* `t*lit*::V*ri*y` inst*** o* * w**k *ustom ****k. *) `v*ri*i*r.**` **in**