CVE-2022-23568

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1 and earlier TensorFlow versions 2.6.3 and earlier TensorFlow versions 2.5.3 and earlier

Description The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow, resulting in a CHECK-fail when building new TensorShape objects. This can cause an assert failure-based denial of service. The issue is due to missing validation on the shapes of the input tensors and directly constructing a large TensorShape with user-provided dimensions.

Recommendations For versions prior to 2.8.0, update to TensorFlow 2.8.0 or later. For versions 2.7.1 and earlier, update to TensorFlow 2.7.1 or later. For versions 2.6.3 and earlier, update to TensorFlow 2.6.3 or later. For versions 2.5.3 and earlier, update to TensorFlow 2.5.3 or later. As a temporary workaround, consider disabling the AddManySparseToTensorsMap function until a patch is available. Restrict access to the TensorShape constructor to minimize the risk of exploitation. Avoid using user-provided dimensions when constructing TensorShape objects until the issue is resolved.