CVE-2021-33649

Summary

When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the input_shape, it will access data outside of bounds of input_shape which allocated from heap buffers.

Affected Software

VendorProductVersion RangeStatus
n/aopenEuler:mindspore>= 0.7.0-beta, < 1.3.0affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CVE Program Container

Additional References

References