PT-2022-26121 · Google · Tensorflow
Pattarakrit Rattankul · Published 2022-11-18 · Updated 2024-03-06 · CVE-2022-41890
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
TensorFlow versions prior to 2.11
TensorFlow versions 2.10.1, 2.9.3, and 2.8.4
Description
The issue arises when BCast::ToShape is given input larger than an int32: it crashes, although it is supposed to handle values up to an int64. An example can be seen in tf.experimental.numpy.outer when a large input is passed as the argument b.
Recommendations
For TensorFlow versions prior to 2.11, update to version 2.11 or later.
For TensorFlow versions 2.10.1, 2.9.3, and 2.8.4, apply the patch from GitHub commit 8310bf8dd188ff780e7fc53245058215a05bdbe5.
As a temporary workaround, consider avoiding large inputs to BCast::ToShape until the issue is resolved.
Exploit
Fix
Incorrect Type Conversion or Cast
Weakness Enumeration
Related Identifiers
Affected Products
Tensorflow