CVE-2022-35995 in TensorFlow
Summary
by MITRE • 09/17/2022
TensorFlow is an open source platform for machine learning. When `AudioSummaryV2` receives an input `sample_rate` with more than one element, it gives a `CHECK` fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bf6b45244992e2ee543c258e519489659c99fb7f. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 10/19/2022
The vulnerability identified as CVE-2022-35995 affects TensorFlow, a widely used open source machine learning platform that powers numerous artificial intelligence applications across industries. This security flaw resides within the AudioSummaryV2 functionality, which is part of TensorFlow's monitoring and visualization capabilities for audio data processing. The issue represents a critical denial of service vulnerability that can be exploited by malicious actors to disrupt TensorFlow-based systems, potentially impacting machine learning workflows and inference services that depend on audio data processing pipelines.
The technical root cause of this vulnerability stems from improper input validation within the AudioSummaryV2 component. Specifically, when the function receives an input parameter named `sample_rate` containing more than a single element, it triggers a CHECK failure that results in program termination. This occurs because the code does not properly validate the dimensions of the sample_rate tensor before processing it, allowing an attacker to craft malicious inputs that cause the system to crash. The vulnerability manifests as a controlled crash that can be repeatedly triggered, leading to sustained denial of service conditions that prevent legitimate operations from executing.
The operational impact of this vulnerability extends beyond simple system crashes, as it can severely disrupt machine learning workflows that depend on TensorFlow's audio processing capabilities. Attackers can exploit this weakness to target systems running TensorFlow applications, potentially affecting production environments, research platforms, and AI-powered services that process audio data. The vulnerability affects multiple TensorFlow versions including 2.7.2, 2.8.1, 2.9.1, and the affected versions that will receive the patch in 2.10.0. Organizations using TensorFlow for audio analysis, speech recognition, or other audio-related machine learning tasks face significant risk if they do not apply the security update promptly.
The fix for this vulnerability was implemented through a specific GitHub commit that addresses the input validation issue in the AudioSummaryV2 function. This patch ensures that sample_rate parameters are properly validated before processing, preventing the CHECK failure that led to system crashes. Security researchers have classified this issue under CWE-248, which covers "Uncaught Exception," and the vulnerability aligns with ATT&CK technique T1499.004, which involves network denial of service attacks. Organizations should prioritize applying the patch to affected versions as the vulnerability does not have any known workarounds, making the immediate deployment of the security update essential for maintaining system availability and preventing exploitation by malicious actors.