Security News > 2021 > September > Google's TensorFlow drops YAML support due to code execution flaw

Google's TensorFlow drops YAML support due to code execution flaw
2021-09-05 07:23

TensorFlow, a popular Python-based machine learning and artificial intelligence project developed by Google has dropped support for YAML, to patch a critical code execution vulnerability.

Maintainers behind both TensorFlow and Keras, a wrapper project for TensorFlow, have patched an untrusted deserialization vulnerability that stemmed from unsafe parsing of YAML. Tracked as CVE-2021-37678, the critical flaw enables attackers to execute arbitrary code when an application deserializes a Keras model provided in the YAML format.

This YAML deserialization vulnerability, rated a 9.3 in severity, was responsibly reported to TensorFlow maintainers by security researcher Arjun Shibu.

The "Unsafe load" function is known to deserialize YAML data rather liberally-it resolves all tags, "Even those known to be unsafe on untrusted input."

Should that not be the case, attackers can exploit the deserialization mechanism to execute code of their choice by injecting malicious payload in the YAML data which is yet to be serialized.

Model from yaml(payload) TensorFlow drops YAML altogether in favor of JSON. After the vulnerability was reported, TensorFlow decided to drop YAML support altogether and use JSON deserialization instead. "Given that YAML format support requires a significant amount of work, we have removed it for now," say the project maintainers in the same advisory.


News URL

https://www.bleepingcomputer.com/news/security/googles-tensorflow-drops-yaml-support-due-to-code-execution-flaw/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-08-12 CVE-2021-37678 Deserialization of Untrusted Data vulnerability in Google Tensorflow
TensorFlow is an end-to-end open source platform for machine learning.
local
low complexity
google CWE-502
8.8