YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
OpenVINO IR Integer Overflow PoC
Vulnerability
Integer overflow in offset+size bounds check in xml_deserialize_util.cpp.
Files
overflow_model.xml- Crafted IR model with overflow offset/size in Const layeroverflow_model.bin- Minimal weights file (256 bytes)
How to reproduce
import openvino as ov
core = ov.Core()
model = core.read_model("overflow_model.xml", "overflow_model.bin")
# Triggers integer overflow: offset(0xFFFFFFFFFFFFFF00) + size(0x200) = 0x100
# Bounds check passes (0x100 <= 256), but offset is far out of bounds
Root Cause
The bounds check m_weights->size() < offset + size uses unchecked addition.
With offset=0xFFFFFFFFFFFFFF00 and size=0x200, the sum wraps to 0x100 (256),
which equals the .bin file size, so the check passes.
The subsequent get_ptr<char>() + offset creates an out-of-bounds pointer.
Fix
Replace offset + size with overflow-safe check:
if (offset > m_weights->size() || size > m_weights->size() - offset)
OPENVINO_THROW("Incorrect weights in bin file!");
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support