Division by zero in TFLite's implementation of `GatherNd`

TensorFlow is an end-to-end open source platform for machine learning. The reference implementation of the `GatherNd` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/internal/reference/reference_ops.h#L966). An attacker can craft a model such that `params` input would be an empty tensor. In turn, `params_shape.Dims(.)` would be zero, in at least one dimension. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

除零错误

Google TensorFlow 数字错误漏洞

Google TensorFlow是美国谷歌（Google）公司的一套用于机器学习的端到端开源平台。 TensorFlow 2.4.2,2.3.3,2.2.3，2.1.4存在数字错误漏洞，该漏洞源于`GatherNd` TFLite operator 操作符实现容易受到零错误除法的影响。

N/A

N/A