YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
armnn CWE-787 Stack Buffer Overflow PoC
Status: READY TO SUBMIT
Severity: High (CVSS 8.8)
CWE: CWE-787 β Out-of-bounds Write
Target: ARM-software/armnn v26.01 (HEAD f8beb5a)
Platform: huntr.com
Root Cause (one line)
ToTensorInfo() copies dimensionSpecificity->size() (attacker-controlled) entries from a FlatBuffers vector into bool dimensionsSpecificity[5] stack array β no bounds check before the loop.
Vulnerable Code
src/armnnDeserializer/Deserializer.cpp, lines 746β756
bool dimensionsSpecificity[armnn::MaxNumOfTensorDimensions]; // 5-element stack array
...
size = dimensionSpecificity->size(); // attacker sets this to e.g. 64
for (unsigned int i = 0; i < size; ++i)
dimensionsSpecificity[i] = dimensionSpecificity->Get(i); // OOB write at i >= 5
Reproduce
# Step 1 β ASAN harness (confirms overflow with verbatim source code)
g++ -std=c++14 -fsanitize=address -g -O0 poc_dimspec_overflow.cpp -o poc
./poc 64
# Expected: AddressSanitizer: stack-buffer-overflow ... 'dimensionsSpecificity' overflows this variable
# Step 2 β craft real .armnn binary (passes flatbuffers::Verifier)
python3 craft_malicious_armnn.py 64
# Expected: [+] written 284 bytes β /tmp/malicious_64.armnn
Files
| File | Purpose |
|---|---|
poc_dimspec_overflow.cpp |
ASAN harness β verbatim vulnerable loop, exact constants |
craft_malicious_armnn.py |
Python crafter β produces real .armnn binary that passes Verifier |
submission.md |
Full technical writeup (markdown + code blocks) |
report.md |
Plain prose only β paste into huntr form fields |
poc-evidence.html |
Self-contained evidence page with ASAN terminal output |
Suggested Fix
Validate size <= armnn::MaxNumOfTensorDimensions before the loop and throw ParseException if exceeded.
Inference Providers NEW
This model isn't deployed by any Inference Provider. π Ask for provider support