CVE-2022-23581

EUVD-2022-0329
Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `IsSimplifiableReshape` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
GitHub_MCNA
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
googletensorflow
𝑥
≤ 2.5.2
googletensorflow
2.6.0 ≤
𝑥
≤ 2.6.2
googletensorflow
2.7.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1687-L1742
https://github.com/tensorflow/tensorflow/commit/1fb27733f943295d874417630edd3b38b34ce082
https://github.com/tensorflow/tensorflow/commit/240655511cd3e701155f944a972db71b6c0b1bb6
https://github.com/tensorflow/tensorflow/commit/ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c
https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1687-L1742
https://github.com/tensorflow/tensorflow/commit/1fb27733f943295d874417630edd3b38b34ce082
https://github.com/tensorflow/tensorflow/commit/240655511cd3e701155f944a972db71b6c0b1bb6
https://github.com/tensorflow/tensorflow/commit/ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c