CVE-2022-23581
`CHECK`-failures during Grappler's `IsSimplifiableReshape` in Tensorflow
In short
TensorFlow's Grappler optimizer crashes when processing specially modified model files, causing the application to stop working. This allows an attacker with a modified model file to disrupt service.
Technical detail
A CHECK assertion failure in the IsSimplifiableReshape function of Grappler optimizer can be triggered by a malformed SavedModel, leading to denial of service. The attack requires the ability to supply or alter a SavedModel file before it is loaded and optimized by TensorFlow's Grappler component.
Summary generated and translated by AI from the official description.
Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `IsSimplifiableReshape` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected products
tensorflow · tensorflowWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1687-L1742https://github.com/tensorflow/tensorflow/commit/1fb27733f943295d874417630edd3b38b34ce082https://github.com/tensorflow/tensorflow/commit/240655511cd3e701155f944a972db71b6c0b1bb6https://github.com/tensorflow/tensorflow/commit/ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c