CVE-2023-33976
Segfault vulnerability in tensorflow (PyPI)

Segfault | No known exploit

What is CVE-2023-33976 About?

This vulnerability in TensorFlow's `array_ops.upper_bound` function causes a segmentation fault if the input is not a rank 2 tensor. Its impact is a denial-of-service condition due to the application crashing. Exploitation is relatively easy if an attacker can control the input tensor's rank.

Affected Software

  • tensorflow
    • <2.12.1
  • tensorflow-cpu
    • <2.12.1
  • tensorflow-gpu
    • <2.12.1

Technical Details

The vulnerability lies in TensorFlow's `array_ops.upper_bound` function, which expects a rank 2 tensor as input. The implementation does not adequately validate the rank of the input tensor, if it validates it at all. Consequently, when `array_ops.upper_bound` is called with a tensor that is not of rank 2 (e.g., a scalar, a rank 1 vector, or a rank 3+ tensor), it accesses memory incorrectly because its assumptions about the data layout do not hold. This improper memory access leads directly to a segmentation fault (segfault), which crashes the TensorFlow process and results in a denial of service.

What is the Impact of CVE-2023-33976?

Successful exploitation may allow attackers to crash the TensorFlow application, leading to a denial-of-service condition.

What is the Exploitability of CVE-2023-33976?

Exploitation complexity is low. The main prerequisite is the ability to provide an input tensor of an incorrect rank (i.e., not rank 2) to the array_ops.upper_bound function. No specific authentication or privilege is required for this. Access is typically local, meaning an attacker needs to execute code that calls this function, but it could be remotely exploitable if an application exposes TensorFlow operations to untrusted remote input. The risk factor is high in applications that dynamically generate or process tensors from untrusted sources and pass them to array_ops.upper_bound without explicit rank validation.
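The explicit rank validation mentioned above can be placed in front of the call until the upgrade is deployed. The following is an added example, not TensorFlow's or this page's own code: the names `guarded_upper_bound`, `require_rank2`, `static_rank` and `fake` are hypothetical, the real op is passed in as `op`, and checking both arguments is an assumption, since the page does not say which input the kernel mishandles.

```python
from types import SimpleNamespace


class RankError(ValueError):
    """Raised instead of letting a wrong-rank tensor reach the native kernel."""


def static_rank(tensor):
    """Statically known rank of anything exposing `.shape`, else None."""
    shape = getattr(tensor, "shape", None)
    if shape is None:
        return None
    if hasattr(shape, "rank"):      # tf.TensorShape: .rank is None when unknown
        return shape.rank
    try:
        return len(shape)           # NumPy-style tuple shape
    except (TypeError, ValueError):
        return None


def require_rank2(**tensors):
    """Fail closed: anything not provably rank 2 is rejected."""
    for name, tensor in tensors.items():
        rank = static_rank(tensor)
        if rank != 2:
            raise RankError(f"{name}: expected rank 2, got rank {rank!r}")


def guarded_upper_bound(op, sorted_inputs, values):
    """Check both inputs (assumption), then call `op`, the real op supplied by the caller."""
    require_rank2(sorted_inputs=sorted_inputs, values=values)
    return op(sorted_inputs, values)


def fake(*dims):
    """Constructed stand-in for a tensor; carries only a `.shape` tuple."""
    return SimpleNamespace(shape=tuple(dims))


if __name__ == "__main__":
    stub_op = lambda s, v: "ok"     # stub, not TensorFlow
    print(guarded_upper_bound(stub_op, fake(2, 5), fake(2, 3)))
    for bad in (fake(), fake(5), fake(2, 5, 1)):   # scalar, vector, rank 3
        try:
            guarded_upper_bound(stub_op, bad, fake(2, 3))
        except RankError as exc:
            print("rejected:", exc)
```

Because the guard raises a Python exception before the native kernel runs, a wrong-rank request becomes a handled error in the serving process rather than a crash.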

What are the Known Public Exploits?

No known exploits.

What are the Available Fixes for CVE-2023-33976?

Available Upgrade Options

  • tensorflow
    • <2.12.1 → Upgrade to 2.12.1
  • tensorflow-cpu
    • <2.12.1 → Upgrade to 2.12.1
  • tensorflow-gpu
    • <2.12.1 → Upgrade to 2.12.1

Additional Resources

What are Similar Vulnerabilities to CVE-2023-33976?

Similar Vulnerabilities: CVE-2023-36052, CVE-2023-36053, CVE-2023-36067, CVE-2022-41908, CVE-2022-35925