CVE-2021-33647

HIGH

mindspore 1.0.0-1.2.9 - Out-of-bounds Write in Tile Operator Inference Shape Operation

Title source: llm
STIX 2.1

Description

When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers.

References (1)

Core 1

Scores

CVSS v3 7.5
EPSS 0.0085
EPSS Percentile 53.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-787
Status published
Products (2)
mindspore/mindspore 0.7.0 beta
mindspore/mindspore 1.0.0 - 1.3.0
Published Jun 27, 2022
Tracked Since Feb 18, 2026