Miggo Logo

CVE-2021-41211: Heap OOB in shape inference for `QuantizeV2`

7.1

CVSS Score
3.1

Basic Information

EPSS Score
0.03322%
Published
11/10/2021
Updated
11/7/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
tensorflowpip= 2.6.02.6.1
tensorflow-cpupip= 2.6.02.6.1
tensorflow-gpupip= 2.6.02.6.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from the QuantizeV2 shape inference function's handling of the 'axis' parameter. The original code (before patch) only checked if axis != -1 but didn't validate against values < -1. This allowed attackers to specify invalid negative axes that underflow the valid dimension index range. The function directly uses the unvalidated 'axis' value in c->Dim(input, axis), which when negative beyond -1, translates to an invalid positive index via dims() + axis + 1 calculation, causing OOB access. The patch explicitly adds the 'axis < -1' check, confirming this as the root cause.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t T** [s**p* in**r*n** *o** *or `Qu*ntiz*V*`](*ttps://*it*u*.*om/t*nsor*low/t*nsor*low/*lo*/****************************************/t*nsor*low/*or*/*r*m*work/*ommon_s**p*_*ns.**#L****-L****) **n tri***r * r*** outsi** o* *oun*s o* ***p *llo

Reasoning

T** vuln*r**ility st*ms *rom t** Qu*ntiz*V* s**p* in**r*n** *un*tion's **n*lin* o* t** '*xis' p*r*m*t*r. T** ori*in*l *o** (***or* p*t**) only ****k** i* *xis != -* *ut *i*n't v*li**t* ***inst v*lu*s < -*. T*is *llow** *tt**k*rs to sp**i*y inv*li* n*