CVE-2022-23572: Crash when type cannot be specialized in Tensorflow
(updated )
Under certain scenarios, TensorFlow can fail to specialize a type during shape inference:
void InferenceContext::PreInputInit(
const OpDef& op_def, const std::vector<const Tensor*>& input_tensors,
const std::vector<ShapeHandle>& input_tensors_as_shapes) {
const auto ret = full_type::SpecializeType(attrs_, op_def);
DCHECK(ret.status().ok()) << "while instantiating types: " << ret.status();
ret_types_ = ret.ValueOrDie();
// ...
}
However, DCHECK
is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the ValueOrDie
line. This results in an assertion failure as ret
contains an error Status
, not a value. In the second case we also get a crash due to the assertion failure.
References
- github.com/advisories/GHSA-rww7-2gpw-fv6j
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-81.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-136.yaml
- github.com/tensorflow/tensorflow
- github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc
- github.com/tensorflow/tensorflow/commit/cb164786dc891ea11d3a900e90367c339305dc7b
- github.com/tensorflow/tensorflow/security/advisories/GHSA-rww7-2gpw-fv6j
- nvd.nist.gov/vuln/detail/CVE-2022-23572
Detect and mitigate CVE-2022-23572 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →