Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-23591: Prevent stack overflow when FunctionLib in GraphDef has a self-recurs… · tensorflow/tensorflow@448a161

Tensorflow is an Open Source Machine Learning Framework. The GraphDef format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a GraphDef containing a fragment such as the following can be consumed when loading a SavedModel. This would result in a stack overflow during execution as resolving each NodeDef means resolving the function itself and its nodes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

CVE
Open in Source
#mac

Expand Up

@@ -25,6 +25,7 @@ limitations under the License.

#include “tensorflow/core/framework/attr_value.pb.h”

#include “tensorflow/core/framework/function.pb.h”

#include “tensorflow/core/framework/node_def.pb.h”

#include “tensorflow/core/framework/op_def.pb.h”

#include “tensorflow/core/framework/tensor.pb.h”

#include “tensorflow/core/lib/io/path.h”

#include “tensorflow/core/lib/monitoring/counter.h”

Expand Down Expand Up

@@ -99,6 +100,19 @@ static Status ValidateNode(const NodeDef& node) {

return Status::OK();

}

static Status ValidateFunctionNotRecursive(const FunctionDef& function) {

const auto& function_name = function.signature().name();

for (const auto& node : function.node_def()) {

if (node.op() == function_name) {

return errors::FailedPrecondition(

"Function ", function_name,

" is self recursive and TensorFlow does not support this scenario.");

}

}

return Status::OK();

}

static Status ValidateSavedTensors(const GraphDef& graph_def) {

for (const auto& node : graph_def.node()) {

TF_RETURN_IF_ERROR(ValidateNode(node));

Expand All

@@ -110,6 +124,10 @@ static Status ValidateSavedTensors(const GraphDef& graph_def) {

for (const auto& node : function.node_def()) {

TF_RETURN_IF_ERROR(ValidateNode(node));

}

// Also check that there is no recursivity in the library

// TODO(mihaimaruseac): Do more than self-recursivity

TF_RETURN_IF_ERROR(ValidateFunctionNotRecursive(function));

}

}

Expand Down

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE