CVE-2022-21725: Division by zero in Tensorflow
(updated )
The estimator for the cost of some convolution operations can be made to execute a division by 0:
import tensorflow as tf
@tf.function
def test():
y=tf.raw_ops.AvgPoolGrad(
orig_input_shape=[1,1,1,1],
grad=[[[[1.0],[1.0],[1.0]]],[[[2.0],[2.0],[2.0]]],[[[3.0],[3.0],[3.0]]]],
ksize=[1,1,1,1],
strides=[1,1,1,0],
padding='VALID',
data_format='NCHW')
return y
test()
The function fails to check that the stride argument is stricly positive:
int64_t GetOutputSize(const int64_t input, const int64_t filter,
const int64_t stride, const Padding& padding) {
// Logic for calculating output shape is from GetWindowedOutputSizeVerbose()
// function in third_party/tensorflow/core/framework/common_shape_fns.cc.
if (padding == Padding::VALID) {
return (input - filter + stride) / stride;
} else { // SAME.
return (input + stride - 1) / stride;
}
}
Hence, the fix is to add a check for the stride argument to ensure it is valid.
References
- github.com/advisories/GHSA-v3f7-j968-4h5f
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-49.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-104.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/ffa202a17ab7a4a10182b746d230ea66f021fe16/tensorflow/core/grappler/costs/op_level_cost_estimator.cc
- github.com/tensorflow/tensorflow/commit/3218043d6d3a019756607643cf65574fbfef5d7a
- github.com/tensorflow/tensorflow/security/advisories/GHSA-v3f7-j968-4h5f
- nvd.nist.gov/vuln/detail/CVE-2022-21725
Detect and mitigate CVE-2022-21725 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →