CVE-2022-23580

Abort caused by allocating a vector that is too large in Tensorflow

CVSS 6.5 MEDIUMEPSS 0.8%CWE-400

Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

tensorflow · tensorflow

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc#L788-L790 https://github.com/tensorflow/tensorflow/commit/1361fb7e29449629e1df94d44e0427ebec8c83c7 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-627q-g293-49q7