CVE-2022-23593

Опубликовано: 04 фев. 2022

Источник: nvd

CVSS3: 5.9

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Tensorflow is an Open Source Machine Learning Framework. The simplifyBroadcast function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes. If all shapes are scalar, then maxRank is 0, so we build an empty SmallVector. The fix will be included in TensorFlow 2.8.0. This is the only affected version.

Ссылки

https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205
Exploit
Third Party Advisory
https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a
Patch
Third Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2
Patch
Third Party Advisory
https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205
Exploit
Third Party Advisory
https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a
Patch
Third Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*

Версия от 2.7.0 (включая) до 2.8.0 (исключая)

EPSS

Процентиль: 54%

0.00309

Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-754

Связанные уязвимости

CVE-2022-23593

CVSS3: 5.9

debian

около 4 лет назад

Tensorflow is an Open Source Machine Learning Framework. The `simplify ...

GHSA-gwcx-jrx4-92w2

CVSS3: 5.9

github

почти 4 года назад

Segfault in `simplifyBroadcast` in Tensorflow

EPSS

Процентиль: 54%

0.00309

Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-754