PT-2022-16072 · Google · Tensorflow

Wang Xuan

Published 2022-02-04 · Updated 2024-03-06 · CVE-2022-23557

CVSS v4.0 7.1 High
Vector AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
TensorFlow versions prior to 2.8.0 are affected, including the 2.7, 2.6 and 2.5 release lines. Versions 2.7.1, 2.6.3 and 2.5.3 contain the cherrypicked fix.
Description
An attacker can craft a TFLite model that triggers a division by zero in the BiasAndClamp implementation (tensorflow/lite/kernels/internal/common.h). The function uses the size of the bias tensor as a divisor and as the loop stride over the output without checking that it is non-zero, so a model whose bias tensor is empty crashes the process that runs inference on it. The impact is denial of service, which is what the VA:H component of the vector reflects.
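As an added example (my own reconstruction, not TensorFlow's code), the following shows the shape of the defect and the check that closes it: an unchecked BiasAndClamp-style helper that divides by the bias size and steps through the output in bias-sized strides, next to a checked version that refuses an empty bias tensor before it is used. The function names, signatures, the bool return convention and the sample tensors are assumptions made for the example; the real helper lives in tensorflow/lite/kernels/internal/common.h.

```cpp
// Added example, not TensorFlow's code: a minimal reconstruction of the shape of a
// BiasAndClamp-style helper, in its unchecked (vulnerable) and checked forms.
// Function names, signatures and the bool return convention are assumptions.
#include <algorithm>
#include <cstdio>
#include <vector>

// Unchecked form: bias_size is used as a divisor and as the loop stride with no
// validation. bias_size == 0 makes the modulo below a division by zero (undefined
// behaviour, SIGFPE on x86), and the stride would be 0 even if that were skipped.
// Never call this with bias_size == 0; it is here only to show the defect.
inline void BiasAndClampUnchecked(float clamp_min, float clamp_max, int bias_size,
                                  const float* bias_data, int array_size,
                                  float* array_data) {
  const bool whole_rows = (array_size % bias_size) == 0;  // divides by bias_size
  if (!whole_rows) return;
  for (int offset = 0; offset < array_size; offset += bias_size) {
    for (int i = 0; i < bias_size; ++i) {
      const float v = array_data[offset + i] + bias_data[i];
      array_data[offset + i] = std::min(std::max(v, clamp_min), clamp_max);
    }
  }
}

// Checked form: reject an empty bias tensor (and any size that does not tile the
// output) before bias_size is used as a divisor or stride. Returns false when the
// input is rejected so the caller can fail the op instead of crashing the process.
inline bool BiasAndClampChecked(float clamp_min, float clamp_max, int bias_size,
                                const float* bias_data, int array_size,
                                float* array_data) {
  if (bias_size <= 0 || array_size < 0) return false;
  if (array_size % bias_size != 0) return false;
  for (int offset = 0; offset < array_size; offset += bias_size) {
    for (int i = 0; i < bias_size; ++i) {
      const float v = array_data[offset + i] + bias_data[i];
      array_data[offset + i] = std::min(std::max(v, clamp_min), clamp_max);
    }
  }
  return true;
}

// std::vector wrapper so the behaviour is easy to exercise; returns an empty vector
// when the checked helper rejects the input.
inline std::vector<float> ApplyBiasAndClamp(std::vector<float> array,
                                            const std::vector<float>& bias,
                                            float clamp_min, float clamp_max) {
  const bool ok = BiasAndClampChecked(clamp_min, clamp_max,
                                      static_cast<int>(bias.size()), bias.data(),
                                      static_cast<int>(array.size()), array.data());
  if (!ok) return {};
  return array;
}

int main() {
  // Constructed sample: a 2x2 output with a 2-element bias, clamped to [0, 2].
  std::vector<float> out =
      ApplyBiasAndClamp({1.0f, 2.0f, 3.0f, 4.0f}, {0.5f, -3.0f}, 0.0f, 2.0f);
  for (float v : out) std::printf("%g ", v);
  std::printf("\n");
  // Constructed "crafted model" case: the bias tensor is empty. The checked helper
  // rejects it; the unchecked helper would divide by zero at this point.
  const bool rejected = ApplyBiasAndClamp({1.0f, 2.0f}, {}, 0.0f, 2.0f).empty();
  std::printf("empty bias rejected: %s\n", rejected ? "yes" : "no");
  return rejected ? 0 : 1;
}
```

The checked variant returns false rather than aborting so that the calling kernel can report an invalid model instead of taking the process down, which is the failure mode the advisory's VA:H reflects.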
Recommendations
Update to TensorFlow 2.8.0 or later. If you must stay on an older release line, update to 2.7.1, 2.6.3 or 2.5.3, which include the cherrypicked fix. BiasAndClamp is an internal helper used by TFLite kernels and cannot be disabled by configuration; until you can upgrade, treat TFLite model files as untrusted input and do not load models from sources you do not control.

Weakness Enumeration

Divide By Zero (CWE-369)

Related Identifiers

BIT-TENSORFLOW-2022-23557
CVE-2022-23557
GHSA-GF2J-F278-XH4V
OPENSUSE-SU-2024:12116-1
PYSEC-2022-121
PYSEC-2022-66

Affected Products

Tensorflow