CVE-2022-23593 – tensorflow
Package
Manager: pip
Name: tensorflow
Vulnerable Version: =2.8.0-rc0 || >=2.8.0-rc0 <2.8.0
Severity
Level: High
CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS: 0.00309 (percentile 0.53535)
Details
Segfault in `simplifyBroadcast` in TensorFlow

### Impact

The [`simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow](https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205) is vulnerable to a segfault (hence, denial of service) if called with scalar shapes.

```cc
size_t maxRank = 0;
for (auto shape : llvm::enumerate(shapes)) {
  auto found_shape = analysis.dimensionsForShapeTensor(shape.value());
  if (!found_shape) return {};
  shapes_found.push_back(*found_shape);
  maxRank = std::max(maxRank, found_shape->size());
}
SmallVector<const ShapeComponentAnalysis::SymbolicDimension*> joined_dimensions(maxRank);
```

If all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`.

### Patches

We have patched the issue in GitHub commit [35f0fabb4c178253a964d7aabdbb15c6a398b69a](https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a).

The fix will be included in TensorFlow 2.8.0. This is the only affected version.

### For more information

Please consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.
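As an added illustration (not TensorFlow's code and not the content of the fix commit), the following simplified stand-in for the quoted pattern shows the all-scalar edge case and one way to guard it: when every input shape has rank 0, `maxRank` is 0 and the joined-dimension vector is empty, so the function returns early instead of handing an empty vector to code that expects at least one entry. `SymbolicDimension`, `Shape` and `joinBroadcastDims`, and the broadcasting rule used, are assumptions for this example.

```cpp
#include <algorithm>
#include <cstddef>
#include <optional>
#include <vector>

// Stand-in for ShapeComponentAnalysis::SymbolicDimension (assumed shape):
// a dimension is either a known static size (>= 0) or symbolic (< 0).
struct SymbolicDimension {
  long value;
};

using Shape = std::vector<SymbolicDimension>;

// Join the dimensions of all shapes under right-aligned broadcasting:
// the result has maxRank entries, and each entry is the first non-1
// dimension seen at that position (an assumed simplification of the
// real analysis, sufficient to show the edge case).
std::optional<Shape> joinBroadcastDims(const std::vector<Shape>& shapes) {
  size_t maxRank = 0;
  for (const Shape& shape : shapes)
    maxRank = std::max(maxRank, shape.size());

  // The advisory's failure mode: with only scalar inputs, maxRank is 0 and
  // the vector below would be empty. Any later access to joined[0] would be
  // out of bounds, so bail out here and let the caller skip the rewrite.
  if (maxRank == 0) return std::nullopt;

  std::vector<const SymbolicDimension*> joined(maxRank, nullptr);
  for (const Shape& shape : shapes) {
    size_t offset = maxRank - shape.size();  // right-align lower-rank shapes
    for (size_t i = 0; i < shape.size(); ++i) {
      const SymbolicDimension* d = &shape[i];
      if (joined[offset + i] == nullptr || joined[offset + i]->value == 1)
        joined[offset + i] = d;
    }
  }

  // Some input has rank maxRank, so every slot of joined has been filled.
  Shape result;
  for (const SymbolicDimension* d : joined) result.push_back(*d);
  return result;
}
```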
Metadata
Created: 2022-02-09T23:32:08Z
Modified: 2024-11-13T22:16:35Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-gwcx-jrx4-92w2/GHSA-gwcx-jrx4-92w2.json
CWE IDs: ["CWE-754"]
Alternative ID: GHSA-gwcx-jrx4-92w2
Finding: F002
Auto approve: 1