Upload README.md with huggingface_hub
Browse files
README.md
ADDED
|
@@ -0,0 +1,35 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
# TensorRT Engine Stack Buffer Overrun PoC (VULN-009)
|
| 2 |
+
|
| 3 |
+
## Vulnerability
|
| 4 |
+
|
| 5 |
+
Stack-based buffer overflow (CWE-121) in TensorRT engine deserializer (libnvinfer.dll).
|
| 6 |
+
A single-byte mutation in the NGNE section of a valid engine file triggers
|
| 7 |
+
STATUS_STACK_BUFFER_OVERRUN (0xC0000409) during deserializeCudaEngine().
|
| 8 |
+
|
| 9 |
+
## Distinction from VULN-006
|
| 10 |
+
|
| 11 |
+
| | VULN-006 | VULN-009 |
|
| 12 |
+
|---|---------|---------|
|
| 13 |
+
| Exception | ACCESS_VIOLATION (0xC0000005) | STACK_BUFFER_OVERRUN (0xC0000409) |
|
| 14 |
+
| CWE | CWE-125 (OOB Read) | CWE-121 (Stack-based Buffer Overflow) |
|
| 15 |
+
| Mechanism | Corrupted pointer dereference | Stack cookie corruption |
|
| 16 |
+
| Security implication | Read primitive | Write primitive (potential RCE) |
|
| 17 |
+
| Crash offsets | 3 offsets | 140 offsets |
|
| 18 |
+
|
| 19 |
+
## Tested On
|
| 20 |
+
- TensorRT 10.15.1.29
|
| 21 |
+
- Windows, RTX 4080 Super, CUDA 12.x
|
| 22 |
+
|
| 23 |
+
## Reproduction
|
| 24 |
+
|
| 25 |
+
```bash
|
| 26 |
+
python vuln009_standalone_poc.py build
|
| 27 |
+
python vuln009_standalone_poc.py crash
|
| 28 |
+
python vuln009_standalone_poc.py verify
|
| 29 |
+
```
|
| 30 |
+
|
| 31 |
+
## Files
|
| 32 |
+
- vuln009_standalone_poc.py - self-contained PoC script
|
| 33 |
+
- vuln009_valid.engine - clean engine (3,708 bytes)
|
| 34 |
+
- vuln009_crash.engine - crash engine (1 byte different at offset 498)
|
| 35 |
+
- vuln009_meta.txt - crash metadata
|