CVE-2022-41907: TensorFlow ResizeNearestNeighborGrad Large Input Size Overflow Vulnerability and Patch

TensorFlow is an open-source platform designed to make it easier for developers and researchers to create machine learning models. Recently, a vulnerability has been discovered (CVE-2022-41907), which causes an overflow when given a large 'size' input in the tf.raw_ops.ResizeNearestNeighborGrad function. This post will provide a detailed explanation of the issue, how to exploit it, the available patch, and information on releasing the fix in TensorFlow 2.11 as well as previous versions 2.10.1, 2.9.3, and 2.8.4.

Vulnerability Details

In the TensorFlow library, the function tf.raw_ops.ResizeNearestNeighborGrad is responsible for computing the gradients of nearest neighbor upsampling. An overflow can occur when this function is given a large 'size' input. An attacker could potentially exploit this vulnerability to cause a denial of service or potentially execute arbitrary code.

The following code snippet demonstrates the issue

import tensorflow as tf

size = 2 ** 32
overflow_input = tf.constant([1., 1.], shape=[1, 1, 2, 1])

# Vulnerable call to ResizeNearestNeighborGrad with large size input
grad = tf.raw_ops.ResizeNearestNeighborGrad(
    grads=overflow_input,
    size=[size, size],
    align_corners=True,
    name=None
)

Patching the Vulnerability

The TensorFlow team has addressed this issue and patched it in GitHub commit 00c821af032ba9e5f5fa3fe14690c8d28a657624. The fix will be included in the upcoming TensorFlow 2.11 release.

For users who are still utilizing TensorFlow 2.10.1, 2.9.3, and 2.8.4, the patch will also be cherrypicked and applied to these affected versions as they are still in the supported range.

How to Apply the Patch

For those using TensorFlow with the aforementioned affected versions, it is strongly recommended to either update to TensorFlow 2.11 or apply the patch to your current version.

To apply the patch to your current version, refer to the instructions in the official TensorFlow GitHub repository.

Conclusion

The vulnerability (CVE-2022-41907) found in the TensorFlow library's tf.raw_ops.ResizeNearestNeighborGrad function has been addressed by the TensorFlow team and patched in GitHub commit 00c821af032ba9e5f5fa3fe14690c8d28a657624. The fix will be available in TensorFlow 2.11 and cherrypicked for the affected versions (2.10.1, 2.9.3, 2.8.4). It is strongly advised for users to update their TensorFlow installation or apply the patch to ensure the security of their project.

Timeline

Published on: 11/18/2022 22:15:00 UTC
Last modified on: 11/23/2022 13:52:00 UTC