Safety CLI Team Uncovers Unpublished Vulnerability in TensorFlow: CVE-2023-33976

August 27, 2024
The Safety CLI Cybersecurity Intelligence team discovered an unpublished vulnerability (CVE-2023-33976) in the TensorFlow Python package. This vulnerability, although fixed in TensorFlow version 2.13.0, remained unnoticed until its recent publication in July 2024, posing a hidden risk for many machine learning applications.

Introduction to TensorFlow

TensorFlow has long been a cornerstone in the machine learning community, powering a wide array of projects from hobbyist experiments to large-scale corporate AI initiatives. Renowned for its robustness and versatility, TensorFlow enables developers to build and deploy machine learning models with efficiency and ease.

Given TensorFlow's critical role in many production systems, any vulnerabilities within it can have far-reaching consequences. These can range from data breaches to significant system downtimes, posing substantial risks to businesses and end-users alike. As a result, it’s crucial for developers and organizations to remain vigilant and promptly address security updates and vulnerabilities.

The TensorFlow Vulnerability - CVE-2023-33976

The Safety CLI Cybersecurity Intelligence team recently discovered a previously unpublished vulnerability in the TensorFlow Python package, designated as CVE-2023-33976. This vulnerability, although initially fixed in TensorFlow version 2.13.0, went unnoticed until it was officially published in the CVE databases in July 2024. The affected versions include:

  • Versions < 2.12.1
  • Versions >= 2.13.0rc0 but < 2.13.0

The root of this vulnerability lies in an integer overflow issue within the array_ops.upper_bound function. This flaw can trigger a segmentation fault when the function is not provided with a rank-2 tensor, posing a hidden risk for any systems using the affected TensorFlow versions. While the issue was addressed on May 30, 2023, the delayed publication of the CVE left many systems potentially exposed until its disclosure in July 2024. Further information can be found on our TensorFlow vulnerabilities page.

Discovery Process

Here’s how we uncovered and handled CVE-2023-33976:

  1. Investigation: Our analysts detected a security fix in TensorFlow's release notes, prompting a deeper investigation into the repository.
  2. Verification: We verified the fix, pinpointing the security issue that caused the integer overflow.
  3. Reporting: Observing that the CVE was reserved but unpublished, we reached out to TensorFlow maintainers to ensure the vulnerability was properly disclosed.
  4. Publication: Finally, the CVE was officially published and added to common vulnerability databases, including GHSA, MITRE, and NVD.

Steps to Protect Against the Vulnerability

Immediate Actions for Users

To fix the vulnerability, users should upgrade to TensorFlow version 2.12.1, 2.13.0 or later.
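To find pins that still fall inside the affected ranges listed above, the following added example (not Safety CLI's or TensorFlow's own code) checks `tensorflow==` lines in a requirements or `pip freeze` listing. It assumes a simplified PEP 440 ordering (dotted release plus optional a/b/rc tag) and matches only the `tensorflow` distribution name; the function names and sample input are constructed for illustration.

```python
import re

# Simplified PEP 440 ordering: dotted release plus an optional a/b/rc tag.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:(a|b|rc)(\d+))?$")
_PRE_RANK = {"a": 0, "b": 1, "rc": 2}
# Matches exact pins of the "tensorflow" distribution only (not tensorflow-cpu etc.).
_PIN_RE = re.compile(r"^\s*tensorflow\s*==\s*([^\s;#]+)", re.IGNORECASE)

def version_key(text):
    m = _VERSION_RE.match(text.strip().lower())
    if not m:
        raise ValueError(f"unsupported version string: {text!r}")
    release = tuple(int(part) for part in m.group(1).split("."))
    release += (0,) * (3 - len(release))  # pad so "2.13" compares equal to "2.13.0"
    # A final release sorts after every pre-release of the same number.
    pre = (_PRE_RANK[m.group(2)], int(m.group(3))) if m.group(2) else (3, 0)
    return release, pre

def is_affected(version):
    """True if version is in the ranges the article lists for CVE-2023-33976."""
    key = version_key(version)
    if key < version_key("2.12.1"):
        return True
    return version_key("2.13.0rc0") <= key < version_key("2.13.0")

def find_affected_pins(requirements_text):
    """Return (line number, version, verdict) for each tensorflow pin needing attention."""
    findings = []
    for lineno, line in enumerate(requirements_text.splitlines(), 1):
        m = _PIN_RE.match(line)
        if not m:
            continue
        try:
            if is_affected(m.group(1)):
                findings.append((lineno, m.group(1), "affected"))
        except ValueError:
            findings.append((lineno, m.group(1), "unparsed"))  # review by hand
    return findings

# Constructed sample input (pip freeze style), not taken from a real project.
SAMPLE = "\n".join([
    "numpy==1.24.3", "tensorflow==2.12.0", "tensorflow==2.12.1",
    "tensorflow==2.13.0rc1  # release candidate", "tensorflow==2.13.0",
    "tensorflow-cpu==2.11.0",
])

if __name__ == "__main__":
    for lineno, version, verdict in find_affected_pins(SAMPLE):
        print(f"line {lineno}: tensorflow {version} -> {verdict}")
```

The release-candidate case is the one a plain string or tuple comparison gets wrong: `2.13.0rc1` must sort before `2.13.0`, so it is flagged while the final release is not.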

Best Practices for Ongoing Security

  • Know What Packages You Are Using: Have systems and processes in place to know which packages are in use across your projects.
  • Regular Updates: Continuously update your dependencies and libraries to the latest versions.
  • Use Vulnerability Scanners: Tools like Safety CLI can help you detect and remediate vulnerabilities promptly, safeguarding your systems against potential threats.
  • Perform Scans at Every Stage of Development: Scanning only in CI/CD is often too late to protect against vulnerabilities or malicious packages. It is therefore important to perform scans at every stage of the software development lifecycle, including local development environments, CI/CD and production environments.

Our Expertise in Vulnerability Discovery

At Safety Cybersecurity, we pride ourselves on maintaining the industry's most comprehensive database of vulnerabilities and malicious Python packages. Our team conducts thorough manual reviews of each vulnerability to ensure accuracy and completeness. By actively contributing to the open-source community, we help identify and report security issues, enabling developers to build more secure applications.

By staying vigilant and proactive, you can protect your systems and ensure that your machine learning endeavors are both innovative and secure. For more information and to try our vulnerability scanning tool, sign up for free today.