6.5
CVE-2022-23581
- EPSS 1.15%
- Veröffentlicht 04.02.2022 23:15:14
- Zuletzt bearbeitet 21.11.2024 06:48:51
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
`CHECK`-failures during Grappler's `IsSimplifiableReshape` in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `IsSimplifiableReshape` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Google ≫ Tensorflow Version <= 2.5.2
Google ≫ Tensorflow Version >= 2.6.0 <= 2.6.2
Google ≫ Tensorflow Version2.7.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.15% | 0.63 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| security-advisories@github.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1687-L1742
https://github.com/tensorflow/tensorflow/commit/1fb27733f943295d874417630edd3b38b34ce082
https://github.com/tensorflow/tensorflow/commit/240655511cd3e701155f944a972db71b6c0b1bb6
https://github.com/tensorflow/tensorflow/commit/ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c