CVE-2023-25666
📋 TL;DR
This CVE describes a floating point exception (FPE) in TensorFlow's AudioSpectrogram op (exposed in Python as tf.raw_ops.AudioSpectrogram). An attacker who can get attacker-controlled input to that op can trigger a division by zero or another invalid floating point operation in the native kernel, which terminates the process and so causes denial of service. TensorFlow releases prior to 2.11.1 are affected; the fix is included in 2.12.0 and was cherry-picked into 2.11.1.
💻 Affected Systems
- TensorFlow (all releases prior to 2.11.1; 2.11.1 and 2.12.0 ship the fix)
📦 What is this software?
TensorFlow is an open source platform for machine learning. The affected component is the AudioSpectrogram op, which turns a 2-D float tensor of audio samples into a spectrogram using the window_size and stride values it is called with.
⚠️ Risk & Real-World Impact
Worst Case
Complete service disruption: each triggering request kills the TensorFlow process with a floating point exception, so any ML workflow or serving endpoint that runs AudioSpectrogram on untrusted data can be taken down repeatedly for as long as the attacker can keep sending input.
Likely Case
The process that runs AudioSpectrogram crashes when it is handed the malicious input, causing a temporary outage until a supervisor restarts it. Because the fault is in native code, the crash is a signal-level termination rather than a Python exception the application could catch.
If Mitigated
Minimal impact when strict input and parameter validation sits in front of the op. The vulnerable kernel is still present, though, so any call path that bypasses the validation remains exploitable.
🎯 Exploit Status
Exploitation requires getting specially crafted input to the AudioSpectrogram op. No authentication is needed if the service accepts external audio and runs it through the op. The impact is limited to denial of service; no code execution or data disclosure is described.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: TensorFlow 2.12.0 or 2.11.1
Vendor Advisory: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2
Restart Required: Yes
Instructions:
1. Update TensorFlow using pip: 'pip install --upgrade tensorflow==2.12.0' (or 'pip install --upgrade tensorflow==2.11.1' if you must stay on the 2.11 line).
2. Restart all TensorFlow services and applications so the patched kernel is loaded.
3. Verify the update with 'pip show tensorflow' or 'python -c "import tensorflow as tf; print(tf.__version__)"'.
🔧 Temporary Workarounds
Disable AudioSpectrogram functionality
Remove or disable usage of AudioSpectrogram (tf.raw_ops.AudioSpectrogram and any wrapper that calls it) in your TensorFlow applications, and replace it with an alternative audio feature pipeline until you can patch.
Input validation and sanitization
Implement strict validation of the audio tensor, and of the window_size and stride values the op is called with, before anything reaches AudioSpectrogram; reject malformed, ragged, non-finite or out-of-range input in Python, where a rejection is an ordinary exception rather than a process crash. Never let a client choose the spectrogram parameters directly.
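The validation workaround above, as an added example that is not part of the page or of TensorFlow's own code. The guard checks the audio matrix and the window_size/stride attributes in Python before the native kernel is called, so a bad value raises a Python exception instead of crashing the process. The bounds it enforces (window_size >= 2, stride >= 1, window_size no larger than the sample count, finite samples only) are this example's own assumption of what a spectrogram minimally needs; they are not quoted from the upstream fix. The names UnsafeSpectrogramInput, validate_spectrogram_input, is_rejected and safe_audio_spectrogram are this example's, and TensorFlow is imported lazily so the module loads and tests without it.

```python
"""Guard in front of TensorFlow's AudioSpectrogram op (added example, not TensorFlow code).

The audio tensor and the op attributes are checked in Python before the
native kernel sees them, so a bad value raises UnsafeSpectrogramInput
instead of reaching a kernel that, on unpatched builds, can die with a
floating point exception. The bounds enforced here (window_size >= 2,
stride >= 1, window_size <= sample count, finite samples) are this
example's own assumption of what a spectrogram minimally needs; they
are not quoted from the upstream fix.
"""
import math
from typing import Callable, Sequence


class UnsafeSpectrogramInput(ValueError):
    """Raised when the input or the op attributes are rejected before the op call."""


def validate_spectrogram_input(samples: Sequence[Sequence[float]],
                               window_size: int, stride: int,
                               max_samples: int = 10_000_000) -> tuple:
    """Check a [samples, channels] matrix plus window_size/stride.

    Returns (sample_count, channel_count, frame_count) on success.
    """
    def _is_int(v):  # bool is an int subclass; reject it explicitly
        return isinstance(v, int) and not isinstance(v, bool)

    # Attributes first: they drive the kernel's frame arithmetic.
    if not _is_int(window_size) or window_size < 2:
        raise UnsafeSpectrogramInput(f"window_size must be an int >= 2, got {window_size!r}")
    if not _is_int(stride) or stride < 1:
        raise UnsafeSpectrogramInput(f"stride must be an int >= 1, got {stride!r}")

    # Shape: non-empty 2-D matrix with a consistent channel count and a size cap.
    sample_count = len(samples)
    if sample_count == 0:
        raise UnsafeSpectrogramInput("audio tensor has no samples")
    if sample_count > max_samples:
        raise UnsafeSpectrogramInput(f"audio tensor too long: {sample_count} > {max_samples}")
    channel_count = len(samples[0])
    if channel_count == 0:
        raise UnsafeSpectrogramInput("audio tensor has no channels")
    for row_index, row in enumerate(samples):
        if len(row) != channel_count:
            raise UnsafeSpectrogramInput(
                f"ragged input: row {row_index} has {len(row)} channels, expected {channel_count}")
        for value in row:
            # NaN/inf are not the crash trigger, but they are never valid PCM
            # and would propagate through the FFT into every output frame.
            if isinstance(value, bool) or not isinstance(value, (int, float)) or not math.isfinite(value):
                raise UnsafeSpectrogramInput(
                    f"non-finite or non-numeric sample in row {row_index}: {value!r}")

    if window_size > sample_count:
        raise UnsafeSpectrogramInput(f"window_size {window_size} exceeds sample count {sample_count}")

    # Number of frames the op will emit; with stride >= 1 this division is always defined.
    frame_count = (sample_count - window_size) // stride + 1
    return sample_count, channel_count, frame_count


def is_rejected(samples, window_size, stride) -> bool:
    """True if the guard would refuse this call."""
    try:
        validate_spectrogram_input(samples, window_size, stride)
    except UnsafeSpectrogramInput:
        return True
    return False


def _tf_audio_spectrogram(samples, window_size, stride, magnitude_squared):
    import tensorflow as tf  # imported lazily so this module loads without TensorFlow
    return tf.raw_ops.AudioSpectrogram(
        input=tf.constant(samples, dtype=tf.float32),
        window_size=window_size, stride=stride, magnitude_squared=magnitude_squared)


def safe_audio_spectrogram(samples, window_size, stride, magnitude_squared=False,
                           op: Callable = _tf_audio_spectrogram):
    """Validate first, then hand the call to the real op (or an injected stand-in)."""
    validate_spectrogram_input(samples, window_size, stride)
    return op(samples, window_size, stride, magnitude_squared)


if __name__ == "__main__":
    # Constructed input: four mono samples, window of 2, hop of 1 -> 3 frames.
    print(validate_spectrogram_input([[0.0], [0.5], [1.0], [0.5]], window_size=2, stride=1))
    print(is_rejected([[0.0], [0.5], [1.0], [0.5]], window_size=2, stride=0))  # True
```

Route every call to the op through safe_audio_spectrogram rather than calling tf.raw_ops.AudioSpectrogram directly; the injectable op argument lets you unit-test the guard without TensorFlow installed, and the guard stays useful after patching because it turns a rejected request into a logged 4xx instead of an InvalidArgumentError deep in the serving code.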
🧯 If You Can't Patch
- Implement network segmentation so that TensorFlow services which process audio are reachable only from trusted callers, not from untrusted networks
- Front the service with a WAF or API gateway that enforces content type, size and format limits on uploaded audio, so obviously malformed payloads never reach TensorFlow (this reduces the attack surface but cannot by itself validate what the op receives)
🔍 How to Verify
Check if Vulnerable:
Check the TensorFlow version with 'pip show tensorflow' or 'python -c "import tensorflow as tf; print(tf.__version__)"'. Any version older than 2.11.1 is vulnerable; 2.11.1, 2.12.0 and later releases contain the fix. Check every environment that imports TensorFlow (virtualenvs, container images, notebook kernels), not just the system interpreter.
Check Version:
python -c "import tensorflow as tf; print('TensorFlow version:', tf.__version__)"
Verify Fix Applied:
After updating, confirm the reported version is 2.11.1, 2.12.0 or later using the same commands, then run your AudioSpectrogram code path against a representative set of inputs to confirm it still behaves as expected.
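A small version classifier for the check described above, as an added example (not from the page or from TensorFlow). It encodes only what the advisory states, namely that 2.11.1 and 2.12.0 carry the fix: anything older than 2.11.1 is reported as vulnerable, and pre-release strings such as 2.12.0rc0 or 2.12.0-dev builds are reported as unverified rather than guessed at, which is this example's own convention. The names parse_version, classify and installed_status are this example's.

```python
"""Classify a TensorFlow version string against CVE-2023-25666 (added example, not TensorFlow code).

Fixed releases are the two the advisory names, 2.11.1 and 2.12.0. Everything
older than 2.11.1 is vulnerable. Pre-release or nightly builds (rc, dev) are
reported as 'unverified' because the advisory only vouches for releases;
that handling is this example's own choice.
"""
import re
from typing import Optional, Tuple

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(.*)$")

# First releases on each affected line that contain the fix (from the advisory).
FIXED_IN = ((2, 11, 1), (2, 12, 0))
FIRST_FIXED = min(FIXED_IN)


def parse_version(text: str) -> Tuple[Tuple[int, int, int], str]:
    """Split '2.12.0rc1' into ((2, 12, 0), 'rc1'); raise on anything unparsable."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised TensorFlow version string: {text!r}")
    return (int(m[1]), int(m[2]), int(m[3])), m[4]


def classify(version: str) -> str:
    """Return 'vulnerable', 'fixed' or 'unverified' for a version string."""
    core, suffix = parse_version(version)
    if core < FIRST_FIXED:
        return "vulnerable"          # includes 2.11.0, every 2.10.x, and older
    if suffix:
        return "unverified"          # e.g. 2.12.0rc0, 2.12.0-dev20230301
    return "fixed"                   # 2.11.1, 2.12.0 and anything later


def installed_status() -> Optional[str]:
    """Classify the interpreter's own TensorFlow, or None if it is not installed."""
    try:
        import tensorflow as tf
    except ImportError:
        return None
    return classify(tf.__version__)


if __name__ == "__main__":
    status = installed_status()
    print("TensorFlow not importable here" if status is None else f"CVE-2023-25666 status: {status}")
```

Run it inside each environment that serves TensorFlow; a None result means the interpreter you are checking is not the one that loads TensorFlow, which is itself worth knowing.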
📡 Detection & Monitoring
Log Indicators:
- Floating point exception errors: because the fault is in native code, the Python process is killed by SIGFPE rather than raising a traceback, so the evidence is usually in the supervisor's logs ("Floating point exception (core dumped)" from a shell, or "code=killed, status=8/FPE" from systemd) rather than in TensorFlow's own output
- Division by zero errors
- Unexplained TensorFlow process crashes and restarts, especially correlated with audio processing requests
- AudioSpectrogram failures: on patched builds the same input is rejected with an InvalidArgumentError, which is worth alerting on as an attempted trigger
Network Indicators:
- Unusual audio file uploads to TensorFlow services
- Repeated failed audio processing requests
SIEM Query:
source="tensorflow" AND ("floating point exception" OR "division by zero" OR ("AudioSpectrogram" AND error))
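The log indicators and SIEM query above, implemented as a scanner over sample log lines, as an added example that is not from the page or from TensorFlow. It groups hits into three signatures: a SIGFPE process termination as reported by a shell or by systemd, an explicit division-by-zero message, and an AudioSpectrogram error from a patched build. The log lines, the audio-api service name and the InvalidArgumentError message text are constructed for this example; the "Floating point exception (core dumped)" and "status=8/FPE" strings are the standard shell and systemd wording for a SIGFPE-killed process.

```python
"""Scan application and supervisor logs for CVE-2023-25666 crash evidence (added example, not TensorFlow code).

Two classes of evidence are looked for:
  * process-level: the native kernel dies with SIGFPE, so the Python process
    exits without a traceback. A shell prints 'Floating point exception
    (core dumped)'; systemd reports 'code=killed, status=8/FPE'.
  * op-level: on a patched build the same call is rejected with an
    InvalidArgumentError mentioning AudioSpectrogram, an attempted trigger.
The sample lines below are constructed for this example.
"""
import re
from collections import Counter
from typing import Dict, Iterable, List, Tuple

# Ordered: the first matching signature labels the line.
SIGNATURES = [
    ("sigfpe_crash", re.compile(r"Floating point exception|status=8/FPE|SIGFPE|\bsignal 8\b", re.I)),
    ("div_by_zero", re.compile(r"division by zero", re.I)),
    ("audiospectrogram_error",
     re.compile(r"AudioSpectrogram.*(error|InvalidArgument)|(error|InvalidArgument).*AudioSpectrogram", re.I)),
]

# Constructed sample log, not real captured output.
SAMPLE_LOG = """\
Mar 21 10:14:02 ml-node systemd[1]: audio-api.service: Main process exited, code=killed, status=8/FPE
Mar 21 10:14:02 ml-node sh[2231]: Floating point exception (core dumped)
Mar 21 10:14:03 ml-node audio-api[2240]: request 7f3a: decoded 48000 samples, 1 channel
Mar 21 10:14:05 ml-node audio-api[2240]: tensorflow.python.framework.errors_impl.InvalidArgumentError: AudioSpectrogram rejected parameters
Mar 21 10:14:06 ml-node audio-api[2240]: request 7f3b: spectrogram ok, 93 frames
"""


def scan(lines: Iterable[str]) -> List[Tuple[int, str, str]]:
    """Return (line_number, signature, line) for every line matching a signature."""
    hits = []
    for number, line in enumerate(lines, 1):
        for label, pattern in SIGNATURES:
            if pattern.search(line):
                hits.append((number, label, line.strip()))
                break
    return hits


def summarize(hits: List[Tuple[int, str, str]]) -> Dict[str, int]:
    """Count hits per signature; feed this to an alert threshold."""
    return dict(Counter(label for _, label, _ in hits))


def crash_observed(lines: Iterable[str]) -> bool:
    """True if any line shows the process being killed by a floating point exception."""
    return any(label == "sigfpe_crash" for _, label, _ in scan(lines))


if __name__ == "__main__":
    for number, label, line in scan(SAMPLE_LOG.splitlines()):
        print(f"{number:>3} {label:<24} {line}")
    print(summarize(scan(SAMPLE_LOG.splitlines())))
```

Point scan at the supervisor's journal as well as the application log: the crash itself leaves nothing in TensorFlow's own output, so a detection that only reads the application log will see the requests stop and never see why.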
🔗 References
- https://github.com/tensorflow/tensorflow/commit/d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2