Common Weakness Enumeration

CWE-125

Allowed

Out-of-bounds Read

Abstraction: Base · Status: Draft

The product reads data past the end, or before the beginning, of the intended buffer.

11288 vulnerabilities reference this CWE, most recent first.

GHSA-J42C-839R-F79F

Vulnerability from github – Published: 2022-05-24 17:36 – Updated: 2022-05-24 17:36
VLAI
Details

An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_inet_pton using an attacker controlled klinux_addr_buffer parameter. The parameter size is unchecked allowing the attacker to read memory locations outside of the intended buffer size including memory addresses within the secure enclave. We recommend upgrading past commit 8fed5e334131abaf9c5e17307642fbf6ce4a57ec

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-8941"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-15T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_inet_pton using an attacker controlled klinux_addr_buffer parameter. The parameter size is unchecked allowing the attacker to read memory locations outside of the intended buffer size including memory addresses within the secure enclave. We recommend upgrading past commit 8fed5e334131abaf9c5e17307642fbf6ce4a57ec",
  "id": "GHSA-j42c-839r-f79f",
  "modified": "2022-05-24T17:36:37Z",
  "published": "2022-05-24T17:36:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8941"
    },
    {
      "type": "WEB",
      "url": "https://github.com/google/asylo/commit/8fed5e334131abaf9c5e17307642fbf6ce4a57ec"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-J435-3F42-WW7P

Vulnerability from github – Published: 2024-04-16 21:31 – Updated: 2024-04-18 09:30
VLAI
Details

A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-51391"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-16T20:15:09Z",
    "severity": "HIGH"
  },
  "details": "A bug in Micrium OS Network HTTP Server permits an invalid pointer dereference during header processing - potentially allowing a device crash and Denial of Service.",
  "id": "GHSA-j435-3f42-ww7p",
  "modified": "2024-04-18T09:30:44Z",
  "published": "2024-04-16T21:31:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51391"
    },
    {
      "type": "WEB",
      "url": "https://community.silabs.com/068Vm000004688g"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1945"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J442-VV8M-H5M3

Vulnerability from github – Published: 2022-01-14 00:00 – Updated: 2022-01-21 00:01
VLAI
Details

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14785.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-34985"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-13T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley ContextCapture 10.18.0.232. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OBJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-14785.",
  "id": "GHSA-j442-vv8m-h5m3",
  "modified": "2022-01-21T00:01:11Z",
  "published": "2022-01-14T00:00:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34985"
    },
    {
      "type": "WEB",
      "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2021-0001"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1359"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-J454-PVHH-FCMQ

Vulnerability from github – Published: 2026-05-28 12:30 – Updated: 2026-06-19 15:33
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

spi: cadence-quadspi: fix unclocked access on unbind

Make sure that the controller is runtime resumed before disabling it during driver unbind to avoid an unclocked register access.

This issue was flagged by Sashiko when reviewing a controller deregistration fix.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-46203"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-28T10:16:35Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: cadence-quadspi: fix unclocked access on unbind\n\nMake sure that the controller is runtime resumed before disabling it\nduring driver unbind to avoid an unclocked register access.\n\nThis issue was flagged by Sashiko when reviewing a controller\nderegistration fix.",
  "id": "GHSA-j454-pvhh-fcmq",
  "modified": "2026-06-19T15:33:14Z",
  "published": "2026-05-28T12:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46203"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/233db2cb14db8b1935dda52a6affd97276462b82"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2e7cd62c37f51823c2bb79de1d4d76d0c1678c7e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/63a9f6012f453578898c9fcc13c8452a8651104e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/d67a5311818b3e6481a1e4293c9337ebfee73111"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J456-QG26-RQX4

Vulnerability from github – Published: 2025-03-31 21:32 – Updated: 2025-03-31 21:32
VLAI
Details

A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASEImporter::BuildUniqueRepresentation of the file code/AssetLib/ASE/ASELoader.cpp of the component ASE File Handler. The manipulation of the argument mIndices leads to out-of-bounds read. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0 is able to address this issue. The patch is named 7c705fde418d68cca4e8eff56be01b2617b0d6fe. It is recommended to apply a patch to fix this issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3015"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-31T21:15:53Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASEImporter::BuildUniqueRepresentation of the file code/AssetLib/ASE/ASELoader.cpp of the component ASE File Handler. The manipulation of the argument mIndices leads to out-of-bounds read. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0 is able to address this issue. The patch is named 7c705fde418d68cca4e8eff56be01b2617b0d6fe. It is recommended to apply a patch to fix this issue.",
  "id": "GHSA-j456-qg26-rqx4",
  "modified": "2025-03-31T21:32:50Z",
  "published": "2025-03-31T21:32:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3015"
    },
    {
      "type": "WEB",
      "url": "https://github.com/assimp/assimp/issues/6021"
    },
    {
      "type": "WEB",
      "url": "https://github.com/assimp/assimp/issues/6021#issue-2877378829"
    },
    {
      "type": "WEB",
      "url": "https://github.com/assimp/assimp/pull/6045"
    },
    {
      "type": "WEB",
      "url": "https://github.com/assimp/assimp/commit/7c705fde418d68cca4e8eff56be01b2617b0d6fe"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.302067"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.302067"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.524589"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-J45G-66J9-Q94M

Vulnerability from github – Published: 2026-05-01 15:30 – Updated: 2026-05-03 09:33
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

mpls: add seqcount to protect the platform_label{,s} pair

The RCU-protected codepaths (mpls_forward, mpls_dump_routes) can have an inconsistent view of platform_labels vs platform_label in case of a concurrent resize (resize_platform_label_table, under platform_mutex). This can lead to OOB accesses.

This patch adds a seqcount, so that we get a consistent snapshot.

Note that mpls_label_ok is also susceptible to this, so the check against RTA_DST in rtm_to_route_config, done outside platform_mutex, is not sufficient. This value gets passed to mpls_label_ok once more in both mpls_route_add and mpls_route_del, so there is no issue, but that additional check must not be removed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-43042"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-01T15:16:50Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nmpls: add seqcount to protect the platform_label{,s} pair\n\nThe RCU-protected codepaths (mpls_forward, mpls_dump_routes) can have\nan inconsistent view of platform_labels vs platform_label in case of a\nconcurrent resize (resize_platform_label_table, under\nplatform_mutex). This can lead to OOB accesses.\n\nThis patch adds a seqcount, so that we get a consistent snapshot.\n\nNote that mpls_label_ok is also susceptible to this, so the check\nagainst RTA_DST in rtm_to_route_config, done outside platform_mutex,\nis not sufficient. This value gets passed to mpls_label_ok once more\nin both mpls_route_add and mpls_route_del, so there is no issue, but\nthat additional check must not be removed.",
  "id": "GHSA-j45g-66j9-q94m",
  "modified": "2026-05-03T09:33:11Z",
  "published": "2026-05-01T15:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43042"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5bb3caf0bbfb56f1a00d2af072ac3d8395a3b9ef"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/629ec78ef8608d955ce217880cdc3e1873af3a15"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J478-P7VQ-3347

Vulnerability from github – Published: 2026-03-12 20:33 – Updated: 2026-03-16 16:38
VLAI
Summary
Ella Core: AMF DoS via malformed PathSwitchRequest with empty NR security capability bitstrings
Details

Summary

Ella Core panics when processing a PathSwitchRequest containing UE Security Capabilities with zero-length NR encryption or integrity protection algorithm bitstrings, resulting in a denial of service.

Impact

An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required.

Fix

Added length validation on NR algorithm bitstrings before accessing them in the PathSwitchRequest handler.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/ellanetworks/core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-32320"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-12T20:33:28Z",
    "nvd_published_at": "2026-03-13T19:54:42Z",
    "severity": "MODERATE"
  },
  "details": "## Summary\n\nElla Core panics when processing a PathSwitchRequest containing UE Security Capabilities with zero-length NR encryption or integrity protection algorithm bitstrings, resulting in a denial of service.\n\n## Impact\n\nAn attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required.\n\n## Fix\n\nAdded length validation on NR algorithm bitstrings before accessing them in the PathSwitchRequest handler.",
  "id": "GHSA-j478-p7vq-3347",
  "modified": "2026-03-16T16:38:02Z",
  "published": "2026-03-12T20:33:28Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/ellanetworks/core/security/advisories/GHSA-j478-p7vq-3347"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32320"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ellanetworks/core"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ellanetworks/core/releases/tag/v1.5.1"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2026-4691"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Ella Core: AMF DoS via malformed PathSwitchRequest with empty NR security capability bitstrings"
}

GHSA-J47F-4232-HVV8

Vulnerability from github – Published: 2021-05-21 14:22 – Updated: 2024-10-30 23:21
VLAI
Summary
Heap out of bounds read in `RaggedCross`
Details

Impact

An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to tf.raw_ops.RaggedCross:

import tensorflow as tf

ragged_values = []
ragged_row_splits = [] 
sparse_indices = []
sparse_values = []
sparse_shape = []

dense_inputs_elem = tf.constant([], shape=[92, 0], dtype=tf.int64)
dense_inputs = [dense_inputs_elem]

input_order = "R"
hashed_output = False
num_buckets = 0
hash_key = 0 

tf.raw_ops.RaggedCross(ragged_values=ragged_values,
    ragged_row_splits=ragged_row_splits,
    sparse_indices=sparse_indices,
    sparse_values=sparse_values,
    sparse_shape=sparse_shape,
    dense_inputs=dense_inputs,
    input_order=input_order,
    hashed_output=hashed_output,
    num_buckets=num_buckets,
    hash_key=hash_key,
    out_values_type=tf.int64,
    out_row_splits_type=tf.int64)

This is because the implementation lacks validation for the user supplied arguments:

int next_ragged = 0;
int next_sparse = 0;
int next_dense = 0;
for (char c : input_order_) {
  if (c == 'R') {
    TF_RETURN_IF_ERROR(BuildRaggedFeatureReader(
        ragged_values_list[next_ragged], ragged_splits_list[next_ragged],
        features));
    next_ragged++;
  } else if (c == 'S') {
    TF_RETURN_IF_ERROR(BuildSparseFeatureReader(
        sparse_indices_list[next_sparse], sparse_values_list[next_sparse],
        batch_size, features));
    next_sparse++;
  } else if (c == 'D') {
    TF_RETURN_IF_ERROR(
        BuildDenseFeatureReader(dense_list[next_dense++], features));
  }
  ...
}

Each of the above branches call a helper function after accessing array elements via a *_list[next_*] pattern, followed by incrementing the next_* index. However, as there is no validation that the next_* values are in the valid range for the corresponding *_list arrays, this results in heap OOB reads.

Patches

We have patched the issue in GitHub commit 44b7f486c0143f68b56c34e2d01e146ee445134a.

The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.3.0"
            },
            {
              "fixed": "2.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-29532"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-18T22:54:15Z",
    "nvd_published_at": "2021-05-14T20:15:00Z",
    "severity": "LOW"
  },
  "details": "### Impact\nAn attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.RaggedCross`:\n\n```python\nimport tensorflow as tf\n\nragged_values = []\nragged_row_splits = [] \nsparse_indices = []\nsparse_values = []\nsparse_shape = []\n\ndense_inputs_elem = tf.constant([], shape=[92, 0], dtype=tf.int64)\ndense_inputs = [dense_inputs_elem]\n\ninput_order = \"R\"\nhashed_output = False\nnum_buckets = 0\nhash_key = 0 \n\ntf.raw_ops.RaggedCross(ragged_values=ragged_values,\n    ragged_row_splits=ragged_row_splits,\n    sparse_indices=sparse_indices,\n    sparse_values=sparse_values,\n    sparse_shape=sparse_shape,\n    dense_inputs=dense_inputs,\n    input_order=input_order,\n    hashed_output=hashed_output,\n    num_buckets=num_buckets,\n    hash_key=hash_key,\n    out_values_type=tf.int64,\n    out_row_splits_type=tf.int64)\n```\n\nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/efea03b38fb8d3b81762237dc85e579cc5fc6e87/tensorflow/core/kernels/ragged_cross_op.cc#L456-L487) lacks validation for the user supplied arguments:\n\n```cc\nint next_ragged = 0;\nint next_sparse = 0;\nint next_dense = 0;\nfor (char c : input_order_) {\n  if (c == \u0027R\u0027) {\n    TF_RETURN_IF_ERROR(BuildRaggedFeatureReader(\n        ragged_values_list[next_ragged], ragged_splits_list[next_ragged],\n        features));\n    next_ragged++;\n  } else if (c == \u0027S\u0027) {\n    TF_RETURN_IF_ERROR(BuildSparseFeatureReader(\n        sparse_indices_list[next_sparse], sparse_values_list[next_sparse],\n        batch_size, features));\n    next_sparse++;\n  } else if (c == \u0027D\u0027) {\n    TF_RETURN_IF_ERROR(\n        BuildDenseFeatureReader(dense_list[next_dense++], features));\n  }\n  ...\n}\n```\n\nEach of the above branches call a helper function after accessing array elements via a `*_list[next_*]` pattern, followed by incrementing the `next_*` index. However, as there is no validation that the `next_*` values are in the valid range for the corresponding `*_list` arrays, this results in heap OOB reads.\n\n### Patches\nWe have patched the issue in GitHub commit [44b7f486c0143f68b56c34e2d01e146ee445134a](https://github.com/tensorflow/tensorflow/commit/44b7f486c0143f68b56c34e2d01e146ee445134a).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.",
  "id": "GHSA-j47f-4232-hvv8",
  "modified": "2024-10-30T23:21:38Z",
  "published": "2021-05-21T14:22:17Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j47f-4232-hvv8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29532"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/44b7f486c0143f68b56c34e2d01e146ee445134a"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-460.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-658.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-169.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tensorflow/tensorflow"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Heap out of bounds read in `RaggedCross`"
}

GHSA-J47J-87R4-F9CC

Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2024-04-04 00:48
VLAI
Details

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-7081"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-24T19:29:00Z",
    "severity": "HIGH"
  },
  "details": "Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.",
  "id": "GHSA-j47j-87r4-f9cc",
  "modified": "2024-04-04T00:48:36Z",
  "published": "2022-05-24T16:46:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7081"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-07.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-J4H2-JW6H-J8VX

Vulnerability from github – Published: 2022-09-17 00:00 – Updated: 2022-09-17 00:00
VLAI
Details

Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-38431"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-16T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
  "id": "GHSA-j4h2-jw6h-j8vx",
  "modified": "2022-09-17T00:00:33Z",
  "published": "2022-09-17T00:00:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38431"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/photoshop/apsb22-52.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
  • To reduce the likelihood of introducing an out-of-bounds read, ensure that you validate and ensure correct calculations for any length argument, buffer size calculation, or offset. Be especially careful of relying on a sentinel (i.e. special character such as NUL) in untrusted inputs.
Mitigation
Architecture and Design

Strategy: Language Selection

Use a language that provides appropriate memory abstractions.

CAPEC-540: Overread Buffers

An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.