MindSpore Security
MindSpore is a training and inference framework that supports device, edge, and cloud scenarios. It is widely used in various fields, such as terminals, edge computing, cloud services, network devices, storage devices, and 5G, and needs to meet the application security requirements of these scenarios.
As a general-purpose computing framework, MindSpore can run on different chip platforms such as the CPU, GPU, and Ascend. Users provide data or models as the input and obtain training models or inference results. As core assets in the AI field, data and models need continuous security protection in AI systems.
We also provide suggestions on secure running of key components:
To build a more secure AI framework, we sincerely invite you to join us.
Vulnerability Handling Process
Each security vulnerability is tracked and handled by a designated person who is responsible for tracking, resolving, and disclosing the vulnerability. The following flowchart shows the E2E vulnerability handling process.
Vulnerability Reporting
To ensure security, please use the PGP public key to encrypt your email before sending it.
Reporting Content
To quickly identify and verify suspected vulnerabilities, the reporting e-mail should use the Suspected Security Issue Reporting Template and include, but not be limited to, the following content:
- Basic information: including the modules affected by the vulnerability, triggering conditions of the vulnerability, and impact on the system after the vulnerability is exploited.
- Technical details: including system configuration, fault locating method, description of exploit, POC, and method and procedure of fault reproduction.
- Suggestions on resolving the vulnerability.
- Organization and contact information of the vulnerability reporter.
- Reporter's possible plan for vulnerability disclosure.
E-mail Response
Your email will be confirmed within one working day. Within seven days, we will provide more detailed replies to your suspected security issues and provide the next-step handling policy.
Vulnerability Severity Assessment
The Common Vulnerability Scoring System (CVSS) is widely used in the industry to assess vulnerability severity. MindSpore currently uses CVSS v3 to assess vulnerabilities, and the assessment focuses on the impact caused by the vulnerability in a preset attack scenario. The vulnerability severity assessment covers factors such as the exploit difficulty and the impact of exploitation on the confidentiality, integrity, and availability of the product. A score is given after these factors are assessed.
Assessment Criteria
The CVSS v3 adopted by the openEuler community assesses the impact of a vulnerability based on the following variables:
- Attack vector (AV): indicating the remoteness of an attack and how to exploit this vulnerability.
- Attack complexity (AC): describing the difficulty in executing an attack and the conditions for a successful attack.
- User interaction (UI): determining whether the attack requires users' participation.
- Permission required (PR): recording the level of user authorization required for a successful attack.
- Scope (S): determining whether an attack can affect components of different permission levels.
- Confidentiality (C): measuring the impact of unauthorized information disclosure.
- Integrity (I): measuring the impact of information tampering.
- Availability (A): measuring the impact on data access or services for users affected by the vulnerability.
Assessment Principles
- The severity of a vulnerability is assessed, not the risk of the vulnerability.
- The assessment must be based on an attack scenario where the system confidentiality, integrity, and availability are affected by a successful attack.
- When a security vulnerability has multiple attack scenarios, the attack scenario with the highest CVSS score (that is, with the greatest impact) shall prevail in the assessment.
- When a library that is embedded or invoked has vulnerabilities, the assessment on its vulnerability severity should be based on an attack scenario, which is determined by the usage of the library in the product.
- When a security defect does not trigger or affect the confidentiality/integrity/availability (CIA), the CVSS score is 0.
Assessment Procedure
Perform this procedure to assess a vulnerability:
- Set a possible attack scenario and score based on this attack scenario.
- Identify vulnerable components and affected components.
- Select the value of the basic assessment indicator, and perform the vulnerability impact assessment based on the exploitable indicators (attack vector, attack complexity, permission required, user interaction, and scope) and affected indicators (confidentiality, integrity, and availability).
Severity Rating
| Severity Rating | Score |
| --- | --- |
| Critical | 9.0 - 10.0 |
| High | 7.0 - 8.9 |
| Medium | 4.0 - 6.9 |
| Low | 0.1 - 3.9 |
| None | 0.0 |
Vulnerability Disclosure
For the security of MindSpore users, the MindSpore community will not discuss, confirm, or disclose the security issues of a MindSpore product until the vulnerability is investigated and resolved and the security announcement is issued. After a security vulnerability is resolved, the MindSpore community will release a security announcement (SA) and a security notice (SN), with information including the technical details, type, reporter, CVE ID, and severity level of the vulnerability, as well as the affected and fixed versions.
MindSpore Security Advisory (SA)
| Advisory Number | Type | Versions affected | Reported by | Additional Information |
| --- | --- | --- | --- | --- |
| MSSA-2021-008 | Heap buffer overflow in MindSpore Lite Tile operator | >= 0.7.0-beta, < 1.3.0 | Wang Xuan(@May) of Qihoo 360 AIVul Team | CVE-2021-33647 |
| MSSA-2021-007 | Heap buffer overflow in MindSpore Lite infer shape operations | >= 1.1.0, < 1.3.0 | Wang Xuan(@May) of Qihoo 360 AIVul Team | CVE-2021-33648 |
| MSSA-2021-006 | Heap buffer overflow in MindSpore Lite Transpose operator | >= 0.7.0-beta, < 1.3.0 | Wang Xuan(@May) of Qihoo 360 AIVul Team | CVE-2021-33649 |
| MSSA-2021-005 | Heap buffer overflow in MindSpore Lite SparseToDense operator | >= 1.2.0, < 1.3.0 | Wang Xuan(@May) of Qihoo 360 AIVul Team | CVE-2021-33650 |
| MSSA-2021-004 | Division by 0 in MindSpore Lite DepthwiseConv2D parse operations | >= 1.1.0, < 1.3.0 | Wang Xuan(@May) of Qihoo 360 AIVul Team | CVE-2021-33651 |
| MSSA-2021-003 | Division by 0 in MindSpore Lite Reduce operator | >= 0.7.0-beta, < 1.3.0 | Wang Xuan(@May) of Qihoo 360 AIVul Team | CVE-2021-33652 |
| MSSA-2021-002 | Division by 0 in MindSpore Lite SpaceToBatch operator | >= 0.7.0-beta, < 1.3.0 | Wang Xuan(@May) of Qihoo 360 AIVul Team | CVE-2021-33653 |
| MSSA-2021-001 | Division by 0 in MindSpore Lite Split operator | >= 0.7.0-beta, < 1.3.0 | Wang Xuan(@May) of Qihoo 360 AIVul Team | CVE-2021-33654 |
MindSpore Security Note (SN)
| CVE list | Third party version | Suggestion |
| --- | --- | --- |
| CVE-2019-18348, CVE-2020-8315, CVE-2020-8492, CVE-2020-27619, CVE-2021-3426, CVE-2021-23336, CVE-2019-20907, CVE-2021-3177 | Python 3.7.5 | |
| CVE-2019-19911, CVE-2020-5310, CVE-2020-5311, CVE-2020-5312, CVE-2020-5313 | Pillow < 6.2.2 | Upgrade to latest Pillow (8.2.0) |
| CVE-2020-10177, CVE-2020-10378, CVE-2020-10379, CVE-2020-10994, CVE-2020-11538 | Pillow < 7.1.0 | Upgrade to latest Pillow (8.2.0) |
| CVE-2020-15999 | Pillow < 8.0.1 | Upgrade to latest Pillow (8.2.0) |
| CVE-2020-35653, CVE-2020-35654, CVE-2020-35655 | Pillow < 8.1.0 | Upgrade to latest Pillow (8.2.0) |
| CVE-2021-25289, CVE-2021-25290, CVE-2021-25291, CVE-2021-25292, CVE-2021-25293, CVE-2021-27921, CVE-2021-27922, CVE-2021-27923 | Pillow < 8.1.1 | Upgrade to latest Pillow (8.2.0) |
| CVE-2021-25287, CVE-2021-25288, CVE-2021-28675, CVE-2021-28676, CVE-2021-28677, CVE-2021-28678 | Pillow < 8.2.0 | Upgrade to latest Pillow (8.2.0) |
| CVE-2021-34552 | Pillow <= 8.2.0 | Upgrade to latest Pillow (8.4.0) |
| CVE-2021-41496 | NumPy < 1.19 | Upgrade NumPy version >= 1.22.0 |
| CVE-2021-34141 | NumPy < 1.22.0 | Upgrade NumPy version >= 1.22.0 |
| CVE-2021-41495 | NumPy <= 1.22.0 | Refer issue |
CC Certificate
MindSpore 1.9.0 is in the process of CC (Common Criteria) EAL4+ certification, and the following is the user guide and code check document for the certification