Description
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements() in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions using 32-bit unsigned arithmetic without overflow detection, causing GetNumBytes() to return an understated allocation size. During Optimize()->InferOutputShapes(), the BatchToSpaceNdLayer reads beyond the allocated buffer.
Published: 2026-05-22
Score: 6.2 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An unchecked integer overflow in ArmNN’s TensorShape::GetNumElements() causes the number of tensor elements to be under‑computed. During model optimisation, the resulting GetNumBytes() value is too small for the actual data size, and the BatchToSpaceNdLayer reads beyond the allocated heap buffer. This over‑read can expose data or crash the application, compromising confidentiality, integrity and availability. The core weakness is an unchecked integer overflow that propagates to a buffer over‑read, fitting CWE‑680, CWE‑126, and CWE‑190 patterns.

Affected Systems

The flaw resides in the ArmNN Tensor implementation used for TensorFlow Lite parsing. Systems that load and optimise TFLite models with ArmNN, such as embedded ARM devices or server‑side inference pipelines, are affected. The vulnerability applies to all releases through the 2026‑03‑27 build of the library, as no specific fixed versions are identified.

Risk and Exploitability

The vulnerability has no public exploit score, and it is not listed in the CISA KEV catalog, but it has a high potential impact if a malicious TFLite file can be supplied to the host. The CVSS score is 6.2, indicating moderate severity. The EPSS score is <1%, suggesting low exploitation probability. Attackers who can control the model input can trigger the overflow, leading to a buffer over‑read. The attack likely requires local or network delivery of a crafted model file; no privileged escalation is believed necessary. Given the absence of existing patches, the risk remains significant for un‑updated installations.

Generated by OpenCVE AI on May 26, 2026 at 17:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to a fixed ArmNN release that eliminates the unchecked 32‑bit multiplication for tensor dimensions.
  • Validate or sanitize incoming TFLite models before optimisation, ensuring dimensions do not exceed safe limits.
  • Implement runtime checks for tensor size calculations or use a safe integer library to detect and prevent overflows.

Generated by OpenCVE AI on May 26, 2026 at 17:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 26 May 2026 18:15:00 +0000

Type Values Removed Values Added
Title Integer Overflow in ArmNN Tensor Shape Causes Buffer Over‑read

Tue, 26 May 2026 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-190
Metrics cvssV3_1

{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 25 May 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Arm
Arm armnn
Vendors & Products Arm
Arm armnn

Fri, 22 May 2026 19:45:00 +0000

Type Values Removed Values Added
Title Integer Overflow in ArmNN Tensor Shape Causes Buffer Over‑read
Weaknesses CWE-126
CWE-680

Fri, 22 May 2026 18:00:00 +0000

Type Values Removed Values Added
Description In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements() in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions using 32-bit unsigned arithmetic without overflow detection, causing GetNumBytes() to return an understated allocation size. During Optimize()->InferOutputShapes(), the BatchToSpaceNdLayer reads beyond the allocated buffer.
References

Subscriptions

Arm Armnn
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-26T15:16:51.610Z

Reserved: 2026-04-29T00:00:00.000Z

Link: CVE-2026-42627

cve-icon Vulnrichment

Updated: 2026-05-26T15:16:48.765Z

cve-icon NVD

Status : Deferred

Published: 2026-05-22T18:16:22.593

Modified: 2026-05-26T16:16:24.957

Link: CVE-2026-42627

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-26T18:00:14Z

Weaknesses
  • CWE-126

    Buffer Over-read

  • CWE-190

    Integer Overflow or Wraparound

  • CWE-680

    Integer Overflow to Buffer Overflow