Login Sign Up

CVE-2023-25659

7.5 HIGH

📋 TL;DR

This vulnerability in TensorFlow allows an out-of-bounds read when the DynamicStitch operation receives mismatched indices and data shapes, potentially leading to memory corruption or information disclosure. It affects users of TensorFlow versions before 2.12.0 and 2.11.1 who run untrusted models or inputs.

💻 Affected Systems

Products:
  • TensorFlow
Versions: All versions before 2.12.0 and 2.11.1
Operating Systems: All operating systems running TensorFlow
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is present in default configurations when using the DynamicStitch operation with untrusted inputs.

📦 What is this software?

Tensorflow by Google

View all CVEs affecting Tensorflow →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Exploitation could cause a denial of service via application crash, memory corruption enabling arbitrary code execution, or leakage of sensitive data from memory.

🟠

Likely Case

Most probable impact is a denial of service through application crashes or instability, as exploitation requires specific input manipulation.

🟢

If Mitigated

With proper input validation and sandboxing, impact is limited to denial of service or minimal information disclosure.

🌐 Internet-Facing: MEDIUM, as exploitation requires sending malicious inputs to TensorFlow services, but may be mitigated by input sanitization.
🏢 Internal Only: MEDIUM, as internal users could exploit it if they can supply crafted inputs, but requires access to TensorFlow operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires crafting inputs to trigger the shape mismatch; no public exploits are known, but the vulnerability is documented in advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: TensorFlow 2.12.0 or 2.11.1

Vendor Advisory: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p

Restart Required: Yes

Instructions:

1. Update TensorFlow to version 2.12.0 or 2.11.1 using pip: 'pip install --upgrade tensorflow==2.12.0' or 'pip install --upgrade tensorflow==2.11.1'. 2. Restart any applications or services using TensorFlow to apply the fix.

🔧 Temporary Workarounds

Input Validation for DynamicStitch

all

Implement custom checks to ensure indices and data parameters match expected shapes before calling DynamicStitch.

# Example Python code to validate shapes
import tensorflow as tf
# Add validation logic before tf.raw_ops.DynamicStitch call

🧯 If You Can't Patch

  • Restrict access to TensorFlow operations to trusted users only.
  • Monitor and log usage of DynamicStitch for anomalous inputs and implement runtime sandboxing.

🔍 How to Verify

Check if Vulnerable:

Check TensorFlow version: if below 2.12.0 and not 2.11.1, it is vulnerable. Review code for DynamicStitch usage with untrusted inputs.

Check Version:

python -c 'import tensorflow as tf; print(tf.__version__)'

Verify Fix Applied:

After updating, confirm version is 2.12.0 or 2.11.1 and test DynamicStitch with various inputs to ensure no crashes or errors.

📡 Detection & Monitoring

Log Indicators:

  • Log entries indicating TensorFlow crashes, segmentation faults, or errors related to DynamicStitch operations.

Network Indicators:

  • Unusual network traffic patterns to TensorFlow services with crafted payloads, though specific signatures are not defined.

SIEM Query:

Example: 'event_source:"TensorFlow" AND (error:"DynamicStitch" OR crash)'

📊 Metadata

CVE ID: CVE-2023-25659
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-125
Published: March 25, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-25659, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)