YAML Metadata Warning: empty or missing yaml metadata in repo card (https://huggingface.co/docs/hub/model-cards#model-card-metadata)

PoC: CNTK CPUMatrix/GPUMatrix Deserialization Heap Overflow (CWE-190)

Vulnerability

CNTK's native model file deserialization reads matrix dimensions as size_t from binary model files and multiplies them without overflow checking for heap allocation.

// CPUMatrix.h:535-536
size_t numRows, numCols;
stream >> matrixName >> format >> numRows >> numCols;  // from file
ElemType* d_array = new ElemType[numRows * numCols];   // NO OVERFLOW CHECK

Same vulnerability exists in GPUMatrix.h:657.

CWE-190: Integer Overflow or Wraparound
CWE-122: Heap-based Buffer Overflow
CVSS: 8.8 (High)
Repository: https://github.com/microsoft/CNTK (archived)

Files

File	Description
`poc_cntk_cpumatrix_overflow.py`	Demonstrates the integer overflow with crafted dimensions

Attack Chain

Crafted .model/.dnn file
  → ComputationNetwork::Read()          [ComputationNetwork.cpp:323]
  → ReadPersistableParameters()         [ComputationNetwork.cpp:255]
  → node->Load(fstream, modelVersion)   [ComputationNetwork.cpp:299]
  → operator>>(File&, CPUMatrix&)       [CPUMatrix.h:525]
  → new ElemType[numRows * numCols]     [CPUMatrix.h:536] ← OVERFLOW

Overflow Examples

numRows	numCols	Product (size_t)	Allocation
`2^32`	`2^32`	wraps to `0`	0 bytes
`SIZE_MAX`	`2`	wraps to `SIZE_MAX-1`	near-max
`2^33+1`	`2^31`	wraps to `2^31`	8 GB

Downloads last month: -; Downloads are not tracked for this model. How to track

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support