CVE-2022-23590: Crash due to erroneous `StatusOr` in TensorFlow
(updated )
A GraphDef from a TensorFlow SavedModel can be maliciously altered to cause a TensorFlow process to crash due to encountering a StatusOr value that is an error and forcibly extracting the value from it:
if (op_reg_data->type_ctor != nullptr) {
VLOG(3) << "AddNode: found type constructor for " << node_def.name();
const auto ctor_type =
full_type::SpecializeType(AttrSlice(node_def), op_reg_data->op_def);
const FullTypeDef ctor_typedef = ctor_type.ValueOrDie();
if (ctor_typedef.type_id() != TFT_UNSET) {
*(node_def.mutable_experimental_type()) = ctor_typedef;
}
}
If ctor_type is an error status, ValueOrDie results in a crash.
References
- github.com/advisories/GHSA-pqrv-8r2f-7278
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-99.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-154.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc
- github.com/tensorflow/tensorflow/commit/955059813cc325dc1db5e2daa6221271406d4439
- github.com/tensorflow/tensorflow/security/advisories/GHSA-pqrv-8r2f-7278
- nvd.nist.gov/vuln/detail/CVE-2022-23590
Detect and mitigate CVE-2022-23590 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →