158 Star 963 Fork 205

MindSpore / community

加入 Gitee
与超过 1000 万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
mssa-2021-005_en.md 775 Bytes
一键复制 编辑 Web IDE 原始数据 按行查看 历史
chengxb7532 提交于 2021-10-26 21:25 . modify spelling mistake

MSSA-2021-005 - Security Advisory

Published Date

2021-10-18

Last Modified Date

2021-10-25

Impact

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers.

Patch

We have fixed this issue in version 1.3.0 through commit 5aab6599e7280d2512a87434c174f13a0a2e7008, and created a patch for this vulnerability.

CVE

To be updated.

Attribution

This vulnerability has been reported by Wang Xuan(@May) of Qihoo 360 AIVul Team.

1
https://gitee.com/mindspore/community.git
git@gitee.com:mindspore/community.git
mindspore
community
community
master

搜索帮助