Headline
CVE-2022-35991: Check for element_shape in TensorListScatter and TensorListScatterV2 · tensorflow/tensorflow@bb03fdf
TensorFlow is an open source platform for machine learning. When TensorListScatter and TensorListScatterV2 receive an element_shape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit bb03fdf4aae944ab2e4b35c7daa051068a8b7f61. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.
@@ -481,6 +481,30 @@ def testScatterOutputListSizeWithNumElementsSpecified(self):
# TensorListScatter should return a list with size num_elements.
self.assertAllEqual(list_ops.tensor_list_length(l), 5)
def testScatterFailsWhenElementShapeIsNotVector(self):
c0 = constant_op.constant([1.0, 2.0])
# In Eager mode, InvalidArgumentError is generated by the Compute function.
# In graph mode, ValueError is generated by the shape function.
with self.assertRaisesRegex(
(errors.InvalidArgumentError, ValueError),
“must be at most rank 1”):
l = gen_list_ops.tensor_list_scatter(
# Wrong element_shape. Should be at most rank 1.
c0, [1, 3], element_shape=[[1]])
self.evaluate(l)
def testScatterV2FailsWhenElementShapeIsNotVector(self):
c0 = constant_op.constant([1.0, 2.0])
# In Eager mode, InvalidArgumentError is generated by the Compute function.
# In graph mode, ValueError is generated by the shape function.
with self.assertRaisesRegex(
(errors.InvalidArgumentError, ValueError),
“must be at most rank 1”):
l = gen_list_ops.tensor_list_scatter_v2(
# Wrong element_shape. Should be at most rank 1.
c0, [1, 3], element_shape=[[1]], num_elements=2)
self.evaluate(l)
def testScatterFailsWhenIndexLargerThanNumElements(self):
c0 = constant_op.constant([1.0, 2.0])
with self.assertRaisesRegex(
Related news
### Impact When `TensorListScatter` and `TensorListScatterV2` receive an `element_shape` of a rank greater than one, they give a `CHECK` fail that can trigger a denial of service attack. ```python import tensorflow as tf arg_0=tf.random.uniform(shape=(2, 2, 2), dtype=tf.float16, maxval=None) arg_1=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536) arg_2=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536) arg_3='' tf.raw_ops.TensorListScatter(tensor=arg_0, indices=arg_1, element_shape=arg_2, name=arg_3) ``` ### Patches We have patched the issue in GitHub commit [bb03fdf4aae944ab2e4b35c7daa051068a8b7f61](https://github.com/tensorflow/tensorflow/commit/bb03fdf4aae944ab2e4b35c7daa051068a8b7f61). The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. ### For more information Please consult [our security guide](https...