CVE-2023-33976

7.5 HIGH

📋 TL;DR

CVE-2023-33976 is a missing input-rank check in TensorFlow's array_ops.upper_bound (the UpperBound op): passing a tensor that is not rank 2 causes a segmentation fault in the native kernel, which takes down the whole Python process. The practical impact is denial of service; the advisory describes a crash, and nothing on it supports code execution. Any process that lets untrusted or unvalidated tensors reach this function is exposed.

💻 Affected Systems

Products:
  • TensorFlow
Versions: TensorFlow before 2.12.1 (the fix is in 2.13.0 and was backported to 2.12.1)
Operating Systems: All operating systems running TensorFlow
Default Config Vulnerable: ⚠️ Yes (the op ships in every build; whether it is reachable depends on your code)
Notes: Only code that calls array_ops.upper_bound (or the underlying tf.raw_ops.UpperBound) directly with a non-rank-2 tensor triggers the crash; the public tf.searchsorted wrapper reshapes its arguments to 2-D before calling the op.

📦 What is this software?

TensorFlow is Google's open-source machine learning framework, used to train and serve models from Python with native C++ kernels underneath. array_ops.upper_bound is an internal Python wrapper around the UpperBound op, the "insert to the right" half of a batched binary search over sorted rows (the same op tf.searchsorted uses for side='right'). The op's kernel runs as native code, which is why a missing shape check ends in a segmentation fault rather than a Python exception.

⚠️ Risk & Real-World Impact

🔴

Worst Case

A remotely triggered, repeatable crash of an inference or serving process that passes client-supplied tensors to the vulnerable op, for as long as the service stays unpatched. The advisory describes a segmentation fault only; there is no public evidence that it can be turned into memory corruption or code execution.

🟠

Likely Case

Denial of service: the TensorFlow process crashes when a non-rank-2 tensor reaches array_ops.upper_bound.

🟢

If Mitigated

Application stability maintained with proper input validation and patching.

🌐 Internet-Facing: MEDIUM. The crash needs the vulnerable op to be called on a non-rank-2 tensor, which is unusual in served models; exposure is real where a service deserialises client-supplied tensors and feeds them to custom code that calls upper_bound.
🏢 Internal Only: MEDIUM. Internal ML pipelines or notebooks that call array_ops.upper_bound on data of unexpected shape crash instead of raising an error, disrupting jobs.

🎯 Exploit Status

Public PoC: No
Weaponized: No
Unauthenticated Exploit: No
Complexity: LOW

Exploitation requires getting a non-rank-2 tensor (a vector or a scalar is enough) into a call to array_ops.upper_bound or tf.raw_ops.UpperBound; the outcome is a crash of the calling process, nothing more is needed from the attacker.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: TensorFlow 2.13.0 (also backported to 2.12.1)

Vendor Advisory: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjh7-xx4r-x345

Restart Required: Yes

Instructions:

1. Upgrade TensorFlow to version 2.13.0 or later.
2. If you must stay on the 2.12 line, upgrade to 2.12.1, which carries the backported fix.
3. Restart any services using TensorFlow so the patched library is actually loaded.

🔧 Temporary Workarounds

Input validation wrapper (platform: all)

Wrap calls to array_ops.upper_bound with validation that both the sorted input and the values tensor are rank 2 before the op runs.

# Python code to validate tensor rank before calling the UpperBound op
# (array_ops.upper_bound is a thin wrapper around tf.raw_ops.UpperBound).
import tensorflow as tf

def checked_upper_bound(sorted_inputs, values):
    sorted_inputs = tf.convert_to_tensor(sorted_inputs)
    values = tf.convert_to_tensor(values)
    # Use the static rank so the check also works inside tf.function; an unknown
    # rank (None) is rejected too, because it cannot be proven safe.
    for name, t in (("sorted_inputs", sorted_inputs), ("values", values)):
        if t.shape.rank != 2:
            raise ValueError(f"{name} must be rank 2, got rank {t.shape.rank}")
    return tf.raw_ops.UpperBound(sorted_inputs=sorted_inputs, values=values)

🧯 If You Can't Patch

  • Disable or restrict access to code paths that call array_ops.upper_bound (or tf.raw_ops.UpperBound) on data you do not control.
  • Validate tensor rank and shape at every trust boundary (deserialised requests, uploaded files, upstream job outputs) before the data reaches TensorFlow ops, not only at this one call site.

🔍 How to Verify

Check if Vulnerable:

Check the TensorFlow version (anything below 2.12.1 is unpatched), then search your code, custom ops and preprocessing for direct calls to array_ops.upper_bound, gen_array_ops.upper_bound or tf.raw_ops.UpperBound and confirm whether their inputs can ever be other than rank 2.

Check Version:

python -c 'import tensorflow as tf; print(tf.__version__)'

Verify Fix Applied:

After patching, call the op with a non-rank-2 tensor in a throwaway child process (a still-vulnerable build kills the interpreter, so never test in a process you care about) and confirm it now raises a TensorFlow error instead of crashing.
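A small checker, added here as an example and not taken from the advisory or from TensorFlow: it reads the installed version in a child interpreter, compares it against the 2.12.1 / 2.13.0 fix line, then exercises tf.raw_ops.UpperBound with several non-rank-2 shapes, each in its own child process so that a segfault kills the probe rather than your session. The probe shapes and the assumption that a patched build raises a tf.errors.OpError rather than crashing are this example's; the version threshold follows the fixed versions the advisory names.

```python
"""CVE-2023-33976 checker: version gate plus isolated crash probes.

Added example (not TensorFlow or advisory code). Assumptions:
  * the fix is present from TensorFlow 2.12.1 and 2.13.0 onward, so numeric
    versions below 2.12.1 are treated as unpatched;
  * an unpatched build dies with SIGSEGV when UpperBound gets non-rank-2 inputs,
    while a patched build raises a tf.errors.OpError;
  * PROBE_CASES are constructed shapes chosen so that the leading dimensions of
    the two inputs still agree and only the rank is wrong.
"""
import re
import signal
import subprocess
import sys

FIXED_IN = (2, 12, 1)

# Constructed probe inputs: label -> Python source building (s, v) for the op.
PROBE_CASES = {
    "both_rank1":   "s = tf.constant([1., 3., 5., 7.]); v = tf.constant([2., 4., 6., 8.])",
    "values_rank1": "s = tf.constant([[1., 3., 5.], [2., 4., 6.]]); v = tf.constant([4., 5.])",
    "sorted_rank1": "s = tf.constant([1., 3.]); v = tf.constant([[2.], [4.]])",
    "both_rank0":   "s = tf.constant(1.); v = tf.constant(2.)",
}

PROBE_TEMPLATE = """
import tensorflow as tf
{setup}
try:
    tf.raw_ops.UpperBound(sorted_inputs=s, values=v)
    print("RESULT:no_error")
except tf.errors.OpError as e:
    print("RESULT:rejected", type(e).__name__)
"""


def parse_version(version):
    """'2.12.1' -> (2, 12, 1); '2.13.0rc0' -> (2, 13, 0); '2.11' -> (2, 11, 0).
    Pre-release tags are ignored (assumption: compare the numeric part only)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"unrecognised TensorFlow version: {version!r}")
    return tuple(int(part) for part in m.groups(default="0"))


def is_fixed_version(version):
    return parse_version(version) >= FIXED_IN


def classify(returncode, stdout, stderr):
    """Turn a child-process outcome into crashed:<SIG> / rejected / no_error / error."""
    if "No module named 'tensorflow'" in stderr:
        return "tensorflow_not_installed"
    if returncode < 0:                      # POSIX: killed by a signal, -11 == SIGSEGV
        return "crashed:" + signal.Signals(-returncode).name
    if returncode == 0xC0000005:            # Windows STATUS_ACCESS_VIOLATION
        return "crashed:ACCESS_VIOLATION"
    if returncode != 0:                     # some exception other than OpError escaped
        return "error"
    for line in stdout.splitlines():
        if line.startswith("RESULT:"):
            return line.split()[0][len("RESULT:"):]
    return "error"


def installed_version():
    """Read tf.__version__ in a child so this script never imports TensorFlow itself."""
    proc = subprocess.run([sys.executable, "-c", "import tensorflow as tf; print(tf.__version__)"],
                          capture_output=True, text=True)
    return proc.stdout.strip() if proc.returncode == 0 else None


def run_probes(timeout=180):
    """Run every probe case in its own interpreter and classify what happened."""
    results = {}
    for label, setup in PROBE_CASES.items():
        proc = subprocess.run([sys.executable, "-c", PROBE_TEMPLATE.format(setup=setup)],
                              capture_output=True, text=True, timeout=timeout)
        results[label] = classify(proc.returncode, proc.stdout, proc.stderr)
    return results


def verdict(version, results):
    """VULNERABLE if any probe crashed; PATCHED only if the version is at or past
    the fix and every probe ended in a TensorFlow error or a result instead."""
    if version is None or all(r == "tensorflow_not_installed" for r in results.values()):
        return "UNKNOWN"
    if any(r.startswith("crashed") for r in results.values()):
        return "VULNERABLE"
    if is_fixed_version(version) and all(r in ("rejected", "no_error") for r in results.values()):
        return "PATCHED"
    return "INCONCLUSIVE"


if __name__ == "__main__":
    version = installed_version()
    results = run_probes()
    for label, outcome in results.items():
        print(f"{label:13s} {outcome}")
    print(f"TensorFlow {version}: {verdict(version, results)}")
```

Run it with the same interpreter your service uses (`python check_cve_2023_33976.py`, any file name will do). An INCONCLUSIVE verdict means the version says unpatched but no probe crashed, or a probe died with a non-TensorFlow exception; inspect the child's stderr before treating that as safe.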

📡 Detection & Monitoring

Log Indicators:

  • Segmentation fault errors in application logs
  • TensorFlow crash reports with stack traces involving upper_bound

Network Indicators:

  • Unusual spikes in failed ML inference requests

SIEM Query:

source="tensorflow" AND ("Segmentation fault" OR "SIGSEGV" OR "segfault" OR "upper_bound" OR "UpperBound" OR "CVE-2023-33976")

(source="tensorflow" is a placeholder for whatever source or index your TensorFlow processes log to. The lowercase "segfault" spelling matches the Linux kernel's own log line; "Segmentation fault" matches the shell and Python faulthandler messages.)
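The indicators above, turned into a small triage script. This is an added example, not from the page or from TensorFlow. The log sample is constructed: the kernel lines follow the usual Linux "segfault at ... in <module>" format, the other lines mimic Python's faulthandler output and an ordinary traceback, and the InvalidArgumentError text is made up. The script correlates a segfault with the module it landed in and with any trace from the same process that mentions the op, so a crash inside TensorFlow's native extension is rated higher than a crash elsewhere, and a clean InvalidArgumentError is reported as patched behaviour rather than as an incident.

```python
"""Triage of crash indicators for CVE-2023-33976 over a batch of log lines.

Added example, not from the page or from TensorFlow. LOG_SAMPLE is constructed:
the kernel lines follow the Linux "segfault at ... in <module>" format, the
others mimic Python's faulthandler output and an ordinary traceback.
"""
import re
from collections import defaultdict

LOG_SAMPLE = """\
2024-05-01T10:00:01Z model-server[4121]: INFO serving request id=77
2024-05-01T10:00:02Z model-server[4121]: Fatal Python error: Segmentation fault
2024-05-01T10:00:02Z model-server[4121]: File "/srv/app/rank.py", line 40 in score
2024-05-01T10:00:02Z kernel: model-server[4121]: segfault at 0 ip 00007f3a1c2b4e10 sp 00007ffd1b3c0a40 error 4 in _pywrap_tensorflow_internal.so[7f3a1a000000+8000000]
2024-05-01T10:05:00Z model-server[4122]: INFO serving request id=78
2024-05-01T10:07:00Z batch-job[5120]: Traceback (most recent call last):
2024-05-01T10:07:00Z batch-job[5120]:   File "/srv/app/rank.py", line 40, in score
2024-05-01T10:07:00Z batch-job[5120]:     tf.raw_ops.UpperBound(sorted_inputs=s, values=v)
2024-05-01T10:07:00Z batch-job[5120]: tensorflow.python.framework.errors_impl.InvalidArgumentError: (constructed message) input is not rank 2
2024-05-01T10:09:00Z kernel: worker[6001]: segfault at 10 ip 00007f11aa0b2c30 sp 00007ffc0d1e5e80 error 4 in libc.so.6[7f11aa000000+1d0000]
"""

# Kernel-reported crash: "<proc>[<pid>]: segfault at <addr> ... in <module>[...]"
SEGFAULT_RE = re.compile(r"(?P<proc>[\w.-]+)\[(?P<pid>\d+)\]: segfault at .*? in (?P<module>[^\s\[]+)")
# Ordinary application line: "<timestamp> <proc>[<pid>]: <message>"
PROC_RE = re.compile(r"^\S+ (?P<proc>[\w.-]+)\[(?P<pid>\d+)\]: (?P<msg>.*)$")
OP_RE = re.compile(r"upper_bound|UpperBound")
TF_NATIVE_PREFIX = "_pywrap_tensorflow"   # TensorFlow's native extension module name


def triage(log_text):
    """Group lines by (process, pid) and return one finding per process that
    crashed or hit the op, rated by how clearly it points at this bug."""
    events = defaultdict(lambda: {"segfault_module": None, "py_fatal": False,
                                  "op_seen": False, "rejected": False})
    for line in log_text.splitlines():
        m = SEGFAULT_RE.search(line)           # kernel-reported crash, any process
        if m:
            events[(m["proc"], m["pid"])]["segfault_module"] = m["module"]
            continue
        m = PROC_RE.match(line)                # ordinary application line
        if not m:
            continue
        ev, msg = events[(m["proc"], m["pid"])], m["msg"]
        ev["op_seen"] |= bool(OP_RE.search(msg))
        ev["rejected"] |= "InvalidArgumentError" in msg
        ev["py_fatal"] |= "Fatal Python error: Segmentation fault" in msg

    findings = []
    for (proc, pid), ev in sorted(events.items()):
        crashed = ev["py_fatal"] or ev["segfault_module"] is not None
        in_tf = (ev["segfault_module"] or "").startswith(TF_NATIVE_PREFIX)
        if crashed and (in_tf or ev["op_seen"]):
            sev, why = "HIGH", "segfault correlated with TensorFlow (native module or upper_bound trace)"
        elif crashed:
            sev, why = "LOW", "segfault outside TensorFlow"
        elif ev["op_seen"] and ev["rejected"]:
            sev, why = "INFO", "op rejected bad input with an error (patched behaviour)"
        else:
            continue
        findings.append({"proc": proc, "pid": pid, "severity": sev, "reason": why})
    return findings


if __name__ == "__main__":
    for f in triage(LOG_SAMPLE):
        print(f"{f['severity']:5s} {f['proc']}[{f['pid']}] {f['reason']}")
```

Point `triage` at a real journal export to use it; the two regexes assume syslog-style "proc[pid]:" prefixes, so adjust PROC_RE for JSON or container log formats.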

🔗 References

  • GitHub Security Advisory GHSA-gjh7-xx4r-x345: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjh7-xx4r-x345
