CVE-2023-25661

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.11.1

Description A malicious invalid input can crash a TensorFlow model and be used to trigger a denial of service attack. This issue can be exploited using the Convolution3DTranspose function, a common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services, potentially allowing an attacker to trigger a denial of service attack on ML cloud services. An attacker must have privilege to provide input to a Convolution3DTranspose call.

Recommendations For versions prior to 2.11.1, upgrade to version 2.11.1 to resolve the issue. As a temporary workaround, consider restricting the use of the Convolution3DTranspose function until a patch is applied. Avoid using the Convolution3DTranspose layer with untrusted input to minimize the risk of exploitation.