158 Star 963 Fork 205

MindSpore / community

加入 Gitee
与超过 1000 万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
mssa-2021-006_en.md 822 Bytes
一键复制 编辑 Web IDE 原始数据 按行查看 历史
chengxb7532 提交于 2021-10-26 21:25 . modify spelling mistake

MSSA-2021-006 - Security Advisory

Published Date

2021-10-18

Last Modified Date

2021-10-25

Impact

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the input_shape, it will access data outside of bounds of input_shape which allocated from heap buffers.

Patch

We have fixed this issue in version 1.3.0 through commit 5aab6599e7280d2512a87434c174f13a0a2e7008, and created a patch for this vulnerability.

CVE

To be updated.

Attribution

This vulnerability has been reported by Wang Xuan(@May) of Qihoo 360 AIVul Team.

1
https://gitee.com/mindspore/community.git
git@gitee.com:mindspore/community.git
mindspore
community
community
master

搜索帮助