PatchSiren cyber security CVE debrief
CVE-2026-42627 Arm CVE debrief
## Summary CVE-2026-42627 is a medium-severity integer overflow vulnerability in Arm ArmNN through 2026-03-27. The flaw resides in `TensorShape::GetNumElements()` within `armnn/Tensor.cpp`, where 32-bit unsigned arithmetic multiplication of tensor dimensions lacks overflow detection. A crafted TFLite model can trigger this overflow, causing `GetNumBytes()` to return an understated buffer size. During the `Optimize()->InferOutputShapes()` execution path, the `BatchToSpaceNdLayer` subsequently reads beyond the allocated heap buffer, resulting in a denial-of-service condition. ## Technical Analysis The vulnerability stems from unsafe integer arithmetic in tensor dimension processing. When `GetNumElements()` multiplies dimension values using 32-bit unsigned integers without overflow checks, the product can wrap to a smaller value. This understated element count propagates to `GetNumBytes()`, which calculates allocation size based on the corrupted element count. The resulting heap buffer is smaller than required for actual tensor data. During model optimization, when `BatchToSpaceNdLayer` processes the tensor, it performs out-of-bounds memory reads against the undersized buffer. The attack vector requires local access to supply a malicious TFLite model file. The vulnerability is triggered during the model loading and optimization phase, not during inference on legitimate models. The CVSS v3.1 vector `AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H` reflects local attack vector, low attack complexity, no privileges required, no user interaction, and high availability impact through denial of service. ## Affected Products - **Product**: Arm ArmNN - **Affected Versions**: Through 2026-03-27 - **Component**: `armnn/Tensor.cpp`, `armnnTfLiteParser/TfLiteParser.cpp` The vulnerability specifically impacts the TensorFlow Lite parser and tensor shape handling components. ## Detection Guidance Organizations should monitor for: - Unexpected process termination or crashes in ArmNN-based applications during model loading - Abnormal memory access patterns in `BatchToSpaceNdLayer` operations - TFLite model files with unusually large or crafted dimension values in tensor definitions
- Vendor
- Arm
- Product
- ArmNN
- CVSS
- MEDIUM 6.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-22
- Original CVE updated
- 2026-05-26
- Advisory published
- 2026-05-22
- Advisory updated
- 2026-05-26
Who should care
Organizations deploying Arm ArmNN for on-device machine learning inference, particularly those accepting TFLite models from external or untrusted sources
Technical summary
Integer overflow in Arm ArmNN TensorShape::GetNumElements() enables crafted TFLite models to cause heap buffer over-read during optimization
Defensive priority
medium
Recommended defensive actions
- Apply vendor-supplied patches for Arm ArmNN when available, prioritizing systems that process untrusted TFLite model files
- Implement input validation to restrict TFLite model ingestion from untrusted sources
- Monitor ArmNN application logs for crashes during model optimization phases
- Review and update model ingestion pipelines to sanitize tensor dimension values before processing
- Consider sandboxing ArmNN model loading operations to contain potential denial-of-service impacts
Evidence notes
Vulnerability description sourced from official CVE record and NVD entry. Technical details derived from CVE description and source code references provided in NVD metadata. CVSS vector and scoring from official NVD entry. Timeline dates per CVE published (2026-05-22) and modified (2026-05-26) timestamps.
Official resources
2026-05-22