
CVE-2021-29586: Division by zero in optimized pooling implementations in TFLite

CVSS Score
2.5 (CVSS v3.1)

Basic Information

EPSS Score
0.0254%
Published
5/21/2021
Updated
11/13/2024
KEV Status
No
Technology
Python

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Affected packages (pip ecosystem): tensorflow, tensorflow-cpu, tensorflow-gpu. The same version ranges apply to all three packages.

Package Name                                  Ecosystem   Vulnerable Versions     First Patched Version
tensorflow / tensorflow-cpu / tensorflow-gpu  pip         < 2.1.4                 2.1.4
tensorflow / tensorflow-cpu / tensorflow-gpu  pip         >= 2.2.0, < 2.2.3       2.2.3
tensorflow / tensorflow-cpu / tensorflow-gpu  pip         >= 2.3.0, < 2.3.3       2.3.3
tensorflow / tensorflow-cpu / tensorflow-gpu  pip         >= 2.4.0, < 2.4.2       2.4.2

Vulnerability Intelligence
Miggo AI Root Cause Analysis

The vulnerability stems from missing validation of the stride parameters in the GenericPrepare function, the entry point for pooling operations in TFLite. Stride values are read from the model file and passed to ComputePaddingHeightWidth, which uses them as divisors when computing the output shape; a crafted model with a stride of 0 therefore triggers an integer division by zero and crashes the process (denial of service, matching the A:L impact in the CVSS vector). Commit 5f7975d adds TF_LITE_ENSURE checks on the stride values in GenericPrepare so that Prepare fails before the division is reached, and the advisory description points at the same unguarded call into ComputePaddingHeightWidth. GenericPrepare is therefore the vulnerable function.
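The following is an added example and not TFLite's own code: a simplified model of a pooling kernel's Prepare step that shows the unchecked stride arithmetic beside a guarded version in the style of the fix. PoolParams, ComputeOutSize, PrepareUnchecked, PrepareChecked and the ENSURE macro are illustrative names standing in for the real TFLite symbols; the output-size formula is the standard same/valid padding arithmetic, in which the stride is the divisor.

```cpp
#include <cstdio>

// Added example (not TFLite source): a simplified model of a pooling
// kernel's Prepare step. Names (PoolParams, ComputeOutSize, Prepare*,
// ENSURE) are illustrative stand-ins for the real TFLite symbols.
enum Status { kOk = 0, kError = 1 };
enum Padding { kSame, kValid };

struct PoolParams {
  Padding padding;
  int stride_height;
  int stride_width;
  int filter_height;
  int filter_width;
};

// Standard same/valid output-size arithmetic: the stride is the divisor,
// so a stride of 0 is an integer division by zero (SIGFPE on most targets).
static int ComputeOutSize(Padding padding, int image_size, int filter_size, int stride) {
  switch (padding) {
    case kSame:  return (image_size + stride - 1) / stride;
    case kValid: return (image_size + stride - filter_size) / stride;
  }
  return 0;
}

// Vulnerable shape: strides come straight from the model file and are used
// as divisors without validation. A crafted model with stride 0 crashes here.
static Status PrepareUnchecked(const PoolParams& p, int in_h, int in_w, int* out_h, int* out_w) {
  *out_h = ComputeOutSize(p.padding, in_h, p.filter_height, p.stride_height);
  *out_w = ComputeOutSize(p.padding, in_w, p.filter_width, p.stride_width);
  return kOk;
}

// Stand-in for TF_LITE_ENSURE: report the failed condition and abort Prepare.
#define ENSURE(cond)                                                  \
  do {                                                                \
    if (!(cond)) {                                                    \
      std::fprintf(stderr, "Prepare rejected model: %s\n", #cond);    \
      return kError;                                                  \
    }                                                                 \
  } while (0)

// Hardened shape: validate both strides before either is used as a divisor.
static Status PrepareChecked(const PoolParams& p, int in_h, int in_w, int* out_h, int* out_w) {
  ENSURE(p.stride_height > 0);
  ENSURE(p.stride_width > 0);
  return PrepareUnchecked(p, in_h, in_w, out_h, out_w);
}

int main() {
  int h = 0, w = 0;
  // Constructed parameters standing in for what a parsed model would supply.
  PoolParams good{kSame, 2, 2, 2, 2};
  PoolParams bad{kSame, 0, 2, 2, 2};  // zero stride_height, as a crafted model could carry
  int status = PrepareChecked(good, 8, 8, &h, &w);
  std::printf("valid model: status=%d out=%dx%d\n", status, h, w);
  status = PrepareChecked(bad, 8, 8, &h, &w);
  std::printf("crafted model: status=%d (rejected before the divide)\n", status);
  // PrepareUnchecked(bad, 8, 8, &h, &w) would divide by zero instead of returning an error.
  return 0;
}
```

The guard belongs in Prepare rather than in the inner loop because Prepare runs once when the interpreter allocates tensors, before any arithmetic on model-controlled values, which is where the real fix placed it.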

Vulnerable functions

GenericPrepare (TFLite pooling operations; see the Root Cause Analysis above)

WAF Protection Rules

WAF Rule

Impact (advisory text as reproduced on this page, cut off mid-link): Optimized pooling implementations in TFLite fail to check that the stride arguments are not 0 before calling `ComputePaddingHeightWidth` (https://github.com/tensorflow/tensorflow/blob/…/tensorflow/li
