We use cookies to improve your experience on our site.
AVID-2026-R0820
Description
Vulnerability CVE-2021-33651
Details
When performing the analytical operation of the DepthwiseConv2D operator, if the attribute depth_multiplier is 0, it will cause a division by 0 exception.
Reason for inclusion in AVID: CVE-2021-33651 describes a division-by-zero vulnerability in MindSpore’s DepthwiseConv2D operator when depth_multiplier is 0. This is a flaw in an AI framework/component used in ML pipelines, affecting software that builds/trains/runs AI systems. The affected artifact (openEuler:mindspore) indicates a software supply-chain component. It is a security-related bug (potential crash/DoS) and there is explicit CVE/NVD/advisory coverage, providing sufficient evidence.
References
- NVD entry
- https://gitee.com/mindspore/community/blob/master/security/security_advisory_list/mssa-2021-004_en.md
Affected or Relevant Artifacts
- Developer: n/a
- Deployer: n/a
- Artifact Details:
| Type | Name |
|---|---|
| System | openEuler:mindspore |
Impact
AVID Taxonomy Categorization
- Risk domains: Security
- SEP subcategories: S0100: Software Vulnerability
- Lifecycle stages: L06: Deployment
CWE
| ID | Description |
|---|---|
| CWE-369 | CWE-369 Division by Zero Exception |
Other information
- Report Type: Advisory
- Credits:
- Date Reported: 2022-06-27
- Version: 0.3.3
- AVID Entry