TensorRT DetectionLayer Serialized mNbClasses PoC

This repository contains the gated proof-of-concept model artifact for a TensorRT serialized engine parsing vulnerability in the DetectionLayer_TRT plugin.

The PoC engine was produced from a valid one-class DetectionLayer engine and then patched in the serialized plugin metadata so that mNbClasses is deserialized as 2 while the backing score tensor remains one-class. During inference the plugin returns an adjacent guard value in the detection output, demonstrating an out-of-bounds read / information exposure from a crafted TensorRT .engine model file.
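The mismatch described above (a serialized class count of 2 against a one-class score tensor) is the kind of inconsistency a load-time check can reject before any indexing happens. The following is an added example, not code from this repository or from TensorRT; the metadata layout, the `validateNbClasses` and `makeBlob` helpers, and the 4096 cap are assumptions made for illustration.

```cpp
// Added example: hypothetical load-time checks, not TensorRT's plugin code.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

enum class Check { Ok, Truncated, BadRange, ShapeMismatch };

// Bounds-checked read of one little-endian int32 field from the serialized blob.
static bool readI32(const std::vector<uint8_t>& blob, size_t off, int32_t& out) {
    if (off > blob.size() || blob.size() - off < sizeof(int32_t)) return false;
    uint32_t v = 0;
    for (size_t i = 0; i < 4; ++i) v |= uint32_t(blob[off + i]) << (8 * i);
    std::memcpy(&out, &v, sizeof out);
    return true;
}

// Assumed layout (constructed for this example): class count is the first field.
// scoreElems: element count of the score buffer actually bound at inference.
// anchors: number of anchors (rows) in that score tensor.
Check validateNbClasses(const std::vector<uint8_t>& blob, size_t scoreElems, size_t anchors) {
    int32_t nbClasses = 0;
    if (!readI32(blob, 0, nbClasses)) return Check::Truncated;
    if (nbClasses < 1 || nbClasses > 4096) return Check::BadRange;  // arbitrary sanity cap
    // The serialized count must match what the bound tensor really holds.
    if (anchors == 0 || scoreElems % anchors != 0 || scoreElems / anchors != size_t(nbClasses))
        return Check::ShapeMismatch;
    return Check::Ok;
}

// Constructed metadata blobs: only the first int32 differs between them.
std::vector<uint8_t> makeBlob(int32_t nbClasses) {
    std::vector<uint8_t> b(8, 0);
    for (int i = 0; i < 4; ++i) b[i] = uint8_t(uint32_t(nbClasses) >> (8 * i));
    return b;
}

int main() {
    const size_t anchors = 4, scoreElems = 4;  // one-class score tensor: 4 anchors x 1 class
    std::printf("control: %d\n", int(validateNbClasses(makeBlob(1), scoreElems, anchors)));
    std::printf("patched: %d\n", int(validateNbClasses(makeBlob(2), scoreElems, anchors)));
    return 0;
}
```

The point of the check is that the class count used for indexing is derived from, or verified against, the tensor that is actually bound, so a field edited inside the engine file cannot widen the read.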

Files

  • replay_serialized_numclasses_guard_disclosure.engine: crafted PoC TensorRT engine. SHA-256: e33f5f2f6fc26d9f93a71b95b7c15a331193401f206f62b9c32f38fc63f34c70
  • negative_control_unpatched_numclasses.engine: unpatched control TensorRT engine. SHA-256: a5a8852de46b9c8e02c6bb1de3d68ee6f6b05535502dc5ed2d785b7689754d80
  • run_tensorrt_detectionlayer_serialized_numclasses_oob.py: replay helper for verifying the positive and negative-control engines.

The model files are intentionally gated for triage access.
