FPE in paddle.linalg.matrix_rank in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service.
{ "vanir_signatures": [ { "target": { "function": "Generator::Seed", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-046644c3", "signature_version": "v1", "digest": { "length": 156.0, "function_hash": "239500985334675174888250813168488098656" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::RegisterStateIndex", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-0e8f7d38", "signature_version": "v1", "digest": { "length": 219.0, "function_hash": "230033932635798785943079406653443876555" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::GetStateIndex", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-1b98c683", "signature_version": "v1", "digest": { "length": 63.0, "function_hash": "120786397199584592521307948683068653556" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "BindGenerator", "file": "paddle/fluid/pybind/generator_py.cc" }, "id": "CVE-2023-38675-202ae4e6", "signature_version": "v1", "digest": { "length": 2522.0, "function_hash": "283871735365494171564731756495214400450" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::SetStateIndex", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-3d233e70", "signature_version": "v1", "digest": { "length": 253.0, "function_hash": "333687274032391901281842481148634129176" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::Generator", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-46bb5899", "signature_version": "v1", "digest": { "length": 135.0, "function_hash": "83118673736165954842944717088546060640" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-48d333d0", "signature_version": "v1", "digest": { "line_hashes": [ "265928118191400720047210313280047127598", "272622933404579787850095348329232686481", "46624885243528512209166436417597133312", "177682452235875615001524408595266770644", "21207801227308957534479762313363362488", "337532988921587509608040734749962920611", "74558531669743110522494508259789462318", "102215090145743430287902829317383041375", "325109708320089851407008517226508700646", "108693249346028372081047376287557981187", "210032472419649291646696795361280834029", "331642704695283352889791814656026713157", "230019654366932550367865122053255306778", "261283843191651949163672712061566926581", "74790299217517700714462026122737098232", "157905197100266311129354056821675760", "53207305020768801999661677411119346196", "69630499524509178676518528803172725503", "272180624771116381273057154432612450405", "42532369569679143979828625691131369865", "296402512747916930420340782411933172965", "157805401345815085565436854964162282286", "2498464149301671729081674085933062053", "60281455153380312061063931848387212502", "265763341497360602640130763314392026414", "141116732186432812655423482317724344059", "117954424821089363478341837242678739708", "257417114474703961609202966232911580471", "321965740830709869550413004109402338231", "323294193612439723066879606470949433758", "301623177952016919685239763869223710513", "87310071829886749727948738332609575984", "132505984682503355354668196105251789206", "167315548611799107607623618879880551195", "10749984626625740743780976893991865112", "222050606542540719310806821889652633500", "153818771021015689655559962820414776510", "98333079707992713240081302179374958636", "261379467099340768998529188895862905250", "71789204443445467574417577145539741131", "259079884464626459867700781263625627946", "32104271954794152477756500004175372109", "95778628166817201366425632317826375004", "146758050313779953894113297209748610315", "41955350397475677248873377290394578468", "327662601588414068922302634928881891233", "100443505792418942427732062104530311784", "263024071289842418126419112954069550541", "156075801151172212377559229882845629383", "214551703225584803009761872108634333883", "73009413192304115488295667883991641497", "62404116452010217616356089405563882177", "135392507749657898977295419473453681370", "335079139321379939545177995321951947857", "305354161816342942369977200695156204291", "252914702989514255143839086193867065913", "303369414982870582811241866161026659990", "239586199705009259570304427323965300991", "185082795870574001470836397740178737742", "248970156240868039956684101767244931069", "174988561086583766143068726038973737780", "235274924806456531132193285710530890925", "217402352192057918804504652936752584868", "293022501181705368875088021018141092914", "200102467346150068384150947233763543911", "223206605819506805101412218102868998494", "146274118527299557133898779326642247612", "192261772047051687460521079273456336810", "168294171798318236345526335176844335202", "107243232970445862127348169632837302364", "159155101125319594152135540265862085078", "62524821215367150890817946518738700770", "229220146629605619584959625287743959564", "230221713661029011008575559657437462982", "292662079524911169136967427281055283917", "300683434819193267263190867210468547282", "335819580610159370825446163053865270719", "72522956077877032293621642780304438581", "123755375535312845196213932732262612743", "151374530385860525886663092170536894294", "240764077812998586565668304309255421319", "231221436149751869331896706380590678352", "207430511657233818829579198169180346701", "162576751238844108582692880558420199909", "252400160255644608712451741316760844593", "336766982203250491701291978681151527632", "78351085631014184913576459416212797186", "148614325570106064020694898545849203292", "45472137549822058134991176303056040599", "284236578530060206298023876113051360691", "259696458021102769308994685089263969710", "56817492105209676178590342538756154502", "310109385687518800570668489456262046704", "268139035717367931999868442588917527703", "53203037225940188828414376792893676616", "226690682189715742972049737838037813520", "52482613052902022707128693622856666052", "121790257225304001820506101598971364493", "101465361708566732254040538590726298433", "18919792196725802531147054655871369517", "142541225704083143782870745582784347261" ], "threshold": 0.9 }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Line", "deprecated": false }, { "target": { "function": "Generator::IncrementOffset", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-6c4b2eeb", "signature_version": "v1", "digest": { "length": 424.0, "function_hash": "338747127004990706310434599245859715432" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::GetState", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-7ca2819f", "signature_version": "v1", "digest": { "length": 69.0, "function_hash": "138622112641288570247443411790556514671" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::cpu_engine", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-8d7326c2", "signature_version": "v1", "digest": { "length": 66.0, "function_hash": "98071503706247085909376830531229778754" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::state", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-8e2d81ca", "signature_version": "v1", "digest": { "length": 199.0, "function_hash": "241301495844633411072193117429160850294" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::Generator", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-9710fcdf", "signature_version": "v1", "digest": { "length": 142.0, "function_hash": "193913984839271474627719324776663751060" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::Generator", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-a1718b0f", "signature_version": "v1", "digest": { "length": 151.0, "function_hash": "120468473134354533100238347823545023555" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::Random64", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-bb85724d", "signature_version": "v1", "digest": { "length": 139.0, "function_hash": "175428651539261594110005730541562983667" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "file": "paddle/phi/kernels/funcs/dropout_impl.cu.h" }, "id": "CVE-2023-38675-be74ef6d", "signature_version": "v1", "digest": { "line_hashes": [ "179855158253358303140938152317443658785", "47628920965608323964175852927314413951", "10506162568866991564215369385018017058", "130502698469305107474419698841270779021", "245001714554571343112980486647296851456", "262395705774323082485707455390162914765", "146789568002060510884549284289588324069", "118296592240099359607926194722719157748", "242322379120913576749400369872717298273", "31952799065941100771753380958675757311", "217152433654265997486369027939656442813", "139597065642196736942086534054384179055", "6826239069139724698173814816345634641", "158597989349456633875737787267303003508", "302551442023004833098055760937482219426", "230102399422166357264384724988916489105", "280998085537600649290941413718834477124", "258812261948511456352694698526549135965", "134330127954443982684809423845614308657", "90818768143265982160431878361053261056", "101347398019404473272854744123353671407", "207151662549120604061733533343850787799", "327810158641251685703588433941496323580", "295838690404010328948746259916009167089", "315946620167039911861291885876455543453" ], "threshold": 0.9 }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Line", "deprecated": false }, { "target": { "function": "Generator::GetCPUEngine", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-c968ae1a", "signature_version": "v1", "digest": { "length": 55.0, "function_hash": "329465957493721322734282272030294297461" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::print_state_info", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-caba8f4c", "signature_version": "v1", "digest": { "length": 252.0, "function_hash": "13960433209740929156043580696702739851" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "GetCPURandomEngine", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-dc7f8e43", "signature_version": "v1", "digest": { "length": 347.0, "function_hash": "18746054160251631307333204663047065297" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "file": "paddle/phi/core/generator.h" }, "id": "CVE-2023-38675-e25189f1", "signature_version": "v1", "digest": { "line_hashes": [ "138517312043559641105028473749817076751", "80259142261604417293512335214968336629", "222920604528924806956268913661336521860", "58354901853255714675284240627422522122", "98515978780036549742013602152951375466", "223374859491463975834125631172671736456", "91856758149948536348996930162402190373", "308778596342560638934766472867662550204", "32159554647619414773738015750345078191", "107692766204661273275752000047145624644", "161624572676303983315571307793326601244", "18117355316511686544476199875157426266", "42257560137791746373807905667091748662", "69342513508911512375213628555463732363", "69085826313059357322193185616901625756", "259115362194962596838158825765343268786", "40549724359263832284883040167005208880", "247111330327842197614074632369514950241", "83130690629451849897211903461190660808", "340140208742949700199520214599341646092", "266677870511506173147456705149640702752", "256249499077282319798580489514703257197", "191818688465882037351112863709979906242", "219004743694944149443982338761170036837", "227572540311422928321196573964344222790", "230566813958224639599712747862180968597", "243835782890825265017743211921652028625", "97102670383443425998882752411180932935", "178367205568878375355004278632501709731", "252952764832391869791790450021366383863", "333999910720680966972641314117891207140", "274138496269154701209499929424780421745", "62396609866068261013828539624857268316", "286370018259402917986493158368263468255", "224543858553278665768919302279745971577", "318522597698578876081048625884629429310", "320301713320334309492971127872566892814", "227174759408264236292571114390388986066", "253807635285162023272943356544933917390", "335165227608329211084770061355791503540", "67332939453207378469501752225485739962", "109774128744994855033901025180590277542", "232567107915981374220957395964867268881", "128376922522337427588653943219569380623", "104442464602379966971982456476984073097", "292902626535503477118633922925130377197", "193464794802571783796600262040874908483", "136942021313436681231549247165799919824", "106623688246825189926918043702706995171", "2219754132169831003430244168120061124", "291195510420213367512421412753490588347", "258267706525539835540646301036496484619", "82438714307010152340402302066106094330", "41445947340969956222757853096392390218", "195351119288175985818523746753295253543", "124193487154203424627416865844195734863", "4634950286325749884742776739818535843", "327791860105100528587388729137562767919", "20936055741661765443429873568428850976", "151115596524709153405361624511458122607", "132338217962987228587913516179321570083", "127245012004693266039920925354922899827", "247754074095295019074140200262383439002", "318522798994492482339289300514109134813" ], "threshold": 0.9 }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Line", "deprecated": false }, { "target": { "function": "Generator::GetCurrentSeed", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-e3822b52", "signature_version": "v1", "digest": { "length": 124.0, "function_hash": "147487720334617441498980555761271441890" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::SetCurrentSeed", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-ea06c92c", "signature_version": "v1", "digest": { "length": 140.0, "function_hash": "125306877653863941422745072464082468630" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "function": "Generator::SetState", "file": "paddle/phi/core/generator.cc" }, "id": "CVE-2023-38675-f6aaa8ef", "signature_version": "v1", "digest": { "length": 295.0, "function_hash": "312768151555233570575419716106100902557" }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Function", "deprecated": false }, { "target": { "file": "paddle/fluid/pybind/generator_py.cc" }, "id": "CVE-2023-38675-f7051cb9", "signature_version": "v1", "digest": { "line_hashes": [ "134029036164171836227056184847072794021", "280841076506487408668814961443793160597", "124691349230736455319049857080240327403", "105791388447887662222992789894749146514", "261884892280779027637049218389126198316", "145031561577454445827405559698768845754", "289026281683293777009906615819598952695", "254629039571719511388066828266927146968", "208552561204891936619429700761425119042", "203963668466930872015470081523542495196", "248698354077569596684238836960528093513", "12497758425001655283392165448590941681", "217514495180004504896936105401770918156", "161916710764144354629684235357043264203", "26701886742452215329352774743262399087", "37396192465348235713735574756509998076", "81052641387879367805250453022836613978", "316742453762578240982170841436386688082", "59122776700224578488950124914937931154", "208807956022376225775388731870021915963", "247276142792037218250512390221345474417", "223705769961608976246415715751413649435", "153463308144380135936831095285059381882", "249180736393506023357366914722776437615", "177384034391966529092868743756635601143", "3969074924674508583973082649655965058", "257920340570808020704042495296893359789", "147250656556849384807193523869330295690" ], "threshold": 0.9 }, "source": "https://github.com/paddlepaddle/paddle/commit/e032331bf78b0f9b51806c6761254c8b977f02b4", "signature_type": "Line", "deprecated": false } ] }