CVE-2022-35968 in TensorFlowinfo

Summary

by MITRE • 09/17/2022

TensorFlow is an open source platform for machine learning. The implementation of `AvgPoolGrad` does not fully validate the input `orig_input_shape`. This results in a `CHECK` failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 10/19/2022

The vulnerability identified as CVE-2022-35968 resides within TensorFlow's implementation of the AvgPoolGrad operation, which serves as a critical component in gradient computation for average pooling layers during neural network training. This flaw specifically targets the validation mechanism of the orig_input_shape parameter, creating a potential pathway for attackers to induce system instability through carefully crafted inputs. The issue manifests as a CHECK failure that occurs when the input validation does not adequately screen the orig_input_shape parameter, leading to a controlled crash condition that can be exploited for denial of service attacks.

The technical nature of this vulnerability aligns with CWE-248, which addresses "Uncaught Exception" conditions in software systems, and demonstrates a classic example of insufficient input validation that can result in program termination. The flaw occurs within the gradient computation phase of TensorFlow's computational graph execution, where the AvgPoolGrad operation expects specific dimensional constraints but fails to properly validate these inputs before proceeding with computation. This validation gap creates a scenario where malformed or unexpected input shapes can trigger internal assertion failures that terminate the application process rather than gracefully handling the error condition.

From an operational perspective, this vulnerability presents a significant risk to TensorFlow deployments that process untrusted input data, particularly in cloud-based machine learning services or applications where users can provide model parameters or training data. The denial of service impact extends beyond simple application crashes to potentially affect entire training pipelines or inference services, as the CHECK failure can be triggered through legitimate API calls that manipulate pooling layer parameters. Attackers exploiting this vulnerability can cause sustained service disruption without requiring elevated privileges, making it particularly concerning for production environments where availability is critical.

The mitigation strategy for CVE-2022-35968 involves immediate deployment of the patched TensorFlow versions, with the fix being incorporated into TensorFlow 2.10.0 and backported to older supported releases including 2.9.1, 2.8.1, and 2.7.2. This approach follows standard security patch management practices to ensure continued support for organizations still operating within supported version ranges. Organizations should prioritize upgrading their TensorFlow installations to prevent exploitation, as no workarounds exist for this particular vulnerability. The fix addresses the root cause by implementing comprehensive validation of the orig_input_shape parameter within the AvgPoolGrad implementation, thereby preventing the CHECK failure that previously enabled denial of service conditions. This vulnerability demonstrates the importance of robust input validation in machine learning frameworks where computational operations must handle diverse and potentially malicious input data while maintaining system stability and availability.

Responsible

GitHub, Inc.

Reservation

07/15/2022

Disclosure

09/17/2022

Moderation

accepted

CPE

ready

EPSS

0.00396

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!