CVE-2022-35952 in TensorFlowinfo

Summary

by MITRE • 09/17/2022

TensorFlow is an open source platform for machine learning. The `UnbatchGradOp` function takes an argument `id` that is assumed to be a scalar. A nonscalar `id` can trigger a `CHECK` failure and crash the program. It also requires its argument `batch_index` to contain three times the number of elements as indicated in its `batch_index.dim_size(0)`. An incorrect `batch_index` can trigger a `CHECK` failure and crash the program. We have patched the issue in GitHub commit 5f945fc6409a3c1e90d6970c9292f805f6e6ddf2. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 10/19/2022

The vulnerability identified as CVE-2022-35952 affects TensorFlow, a widely used open source machine learning platform that powers numerous artificial intelligence applications across various industries. This issue resides within the `UnbatchGradOp` function which serves as a gradient operation in the computational graph processing pipeline. The flaw manifests when the function receives unexpected input parameters that violate its assumed data structures, leading to critical system failures. The vulnerability specifically targets two distinct input validation mechanisms within the gradient computation process, creating potential denial of service conditions that could disrupt machine learning workflows and training processes.

The technical implementation of this vulnerability stems from inadequate input validation within the `UnbatchGradOp` function where the system assumes that the `id` parameter will always be a scalar value. When a nonscalar `id` is provided, the function's internal `CHECK` mechanism triggers a failure condition that results in program termination. Additionally, the function requires the `batch_index` parameter to contain exactly three times the number of elements specified by `batch_index.dim_size(0)`. Any deviation from this expected ratio causes another `CHECK` failure, leading to identical crash conditions. Both scenarios represent classic buffer over-read and data structure validation issues that are categorized under CWE-129 and CWE-131 respectively, which fall under the broader category of input validation and memory safety vulnerabilities.

The operational impact of this vulnerability extends beyond simple program crashes, as it can severely disrupt machine learning workflows in production environments where TensorFlow is deployed. System administrators and developers utilizing TensorFlow for model training, inference, or deployment may experience unexpected service interruptions when processing certain inputs through the affected gradient operations. The vulnerability affects multiple TensorFlow versions including 2.7.2, 2.8.1, 2.9.1, and the upcoming 2.10.0 release, indicating a significant surface area of potential impact across the software's supported lifecycle. Given that TensorFlow is integrated into numerous enterprise applications, cloud services, and research platforms, this vulnerability could potentially affect critical infrastructure and AI-driven systems that depend on reliable gradient computation processes.

The fix for CVE-2022-35952 was implemented through a specific GitHub commit that addresses both validation conditions within the `UnbatchGradOp` function. The patch ensures proper input validation for both the `id` parameter and the `batch_index` parameter, preventing the `CHECK` failures that previously caused system crashes. Organizations using affected TensorFlow versions should prioritize upgrading to the patched releases as the fix is specifically designed to prevent the exact conditions that trigger the vulnerability. The cherrypick strategy for versions 2.7.2, 2.8.1, and 2.9.1 demonstrates the severity of the issue and the maintainers' commitment to addressing affected supported releases. Security teams should monitor their TensorFlow implementations for these specific versions and ensure timely patch deployment to prevent potential exploitation that could lead to service disruption in AI-powered applications and infrastructure.

Responsible

GitHub, Inc.

Reservation

07/15/2022

Disclosure

09/17/2022

Moderation

accepted

CPE

ready

EPSS

0.00558

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!