PT-2022-16074 · Google · Tensorflow

Wang Xuan · Published 2022-02-04 · Updated 2024-03-06 · CVE-2022-23559
CVSS v3.1 8.8 High
Vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
TensorFlow versions prior to 2.8.0
TensorFlow version 2.7.0
TensorFlow versions 2.6.0 through 2.6.2
TensorFlow versions 2.5.0 through 2.5.2
Description
An attacker can craft a TFLite model that causes an integer overflow in the embedding lookup operations. Both the embedding size and the lookup size are computed as products of dimension values read from the user-supplied model, so a crafted model can make these multiplications overflow. The wrapped result is then used as a size, which can lead to a heap out-of-bounds read or write in certain scenarios. Any application that loads TFLite models from an untrusted source is exposed.
Recommendations
For TensorFlow versions prior to 2.8.0, upgrade to version 2.8.0 or later.
For TensorFlow version 2.7.0, upgrade to version 2.7.1 or later.
For TensorFlow versions 2.6.0 through 2.6.2, upgrade to version 2.6.3 or later.
For TensorFlow versions 2.5.0 through 2.5.2, upgrade to version 2.5.3 or later.
As a temporary workaround, do not load TFLite models from untrusted sources, or validate the tensor dimensions of an untrusted model before loading it and reject any model whose embedding or lookup dimension products would not fit in a 32-bit integer.
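The overflow pattern behind this advisory, and the check that the workaround calls for, as an added illustration that is not code from TensorFlow or from this advisory. The vulnerable shape computes the element count of an embedding row by multiplying model-supplied dimensions in a 32-bit accumulator, so a crafted model wraps the product to a small value and any buffer sized from it is too short. The hardened variant widens to 64 bits and rejects the shape. The `Shape` struct, the function names and the sample dimensions are constructed for this example and are not TFLite's own types.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>
#include <vector>

// Constructed stand-in for the shapes an embedding lookup reads from a
// TFLite model: `value` is the embedding table, `lookup` the index tensor.
// Illustrative only; not TFLite's tensor representation.
struct Shape {
    std::vector<int32_t> dims;
};

// Vulnerable pattern: the product of model-supplied dimensions is
// accumulated in 32 bits, so large dimensions wrap to a small (or even
// negative) value that still looks usable as a size. The arithmetic is
// done in uint32_t so the wraparound is well-defined in this example.
int32_t product_unchecked(const std::vector<int32_t>& dims, size_t from) {
    uint32_t p = 1;
    for (size_t i = from; i < dims.size(); ++i) {
        p *= static_cast<uint32_t>(dims[i]);
    }
    return static_cast<int32_t>(p);
}

// Hardened pattern: widen to 64 bits, reject non-positive dimensions and
// stop as soon as a partial product leaves the int32 range.
// Returns the product, or -1 if the shape must be rejected.
int64_t product_checked(const std::vector<int32_t>& dims, size_t from) {
    int64_t p = 1;
    for (size_t i = from; i < dims.size(); ++i) {
        if (dims[i] <= 0) return -1;
        p *= dims[i];  // p <= INT32_MAX and dims[i] <= INT32_MAX, so this fits int64
        if (p > std::numeric_limits<int32_t>::max()) return -1;
    }
    return p;
}

// Byte count of the lookup output: one embedding row (dims[1..] of the
// table) of float32 per looked-up index. Every multiplication on the way
// is checked, so a crafted model yields -1 instead of an undersized buffer.
int64_t output_bytes_checked(const Shape& value, const Shape& lookup) {
    const int64_t embedding_size = product_checked(value.dims, 1);
    const int64_t num_lookups = product_checked(lookup.dims, 0);
    if (embedding_size < 0 || num_lookups < 0) return -1;
    const int64_t elems = embedding_size * num_lookups;  // both <= INT32_MAX, fits int64
    const int64_t limit =
        std::numeric_limits<int32_t>::max() / static_cast<int64_t>(sizeof(float));
    if (elems > limit) return -1;
    return elems * static_cast<int64_t>(sizeof(float));
}

int main() {
    // Constructed shapes. The first crafted table's row is 65536 x 65536
    // elements, which is 2^32 and wraps to 0 in 32-bit arithmetic. The
    // second wraps to 65536, a value that passes a naive "size > 0" check.
    const Shape benign{{1000, 64}};
    const Shape crafted_zero{{4, 65536, 65536}};
    const Shape crafted_small{{4, 65537, 65536}};
    const Shape lookup{{8}};

    for (const Shape* t : {&benign, &crafted_zero, &crafted_small}) {
        std::printf("unchecked embedding_size=%d  checked=%lld  output_bytes=%lld\n",
                    product_unchecked(t->dims, 1),
                    static_cast<long long>(product_checked(t->dims, 1)),
                    static_cast<long long>(output_bytes_checked(*t, lookup)));
    }
    return 0;
}
```

The second crafted shape is the instructive one: its wrapped row size is a plausible positive number, so a check that only rejects zero or negative sizes would still accept it. Checking each partial product against the int32 limit, as `product_checked` does, is what actually closes the hole.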

Weakness Enumeration

Integer Overflow (CWE-190)

Related Identifiers

BIT-TENSORFLOW-2022-23559
CVE-2022-23559
GHSA-98P5-X8X4-C9M5
OPENSUSE-SU-2024:12116-1
PYSEC-2022-123
PYSEC-2022-68

Affected Products

Tensorflow