CVE-2022-41885
Overflow in `FusedResizeAndPadConv2D` in Tensorflow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
TensorFlow is an open source platform for machine learning. When `tf.raw_ops.FusedResizeAndPadConv2D` is given a large tensor shape, it overflows. We have patched the issue in GitHub commit d66e1d568275e6a2947de97dca7a102a211e01ce. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
TensorFlow es una plataforma de código abierto para aprendizaje automático. Cuando a `tf.raw_ops.FusedResizeAndPadConv2D` se le da una forma de tensor grande, se desborda. Hemos solucionado el problema en GitHub en el commit d66e1d568275e6a2947de97dca7a102a211e01ce. La solución se incluirá en TensorFlow 2.11. También aplicaremos este commit en TensorFlow 2.10.1, 2.9.3 y TensorFlow 2.8.4, ya que estos también se ven afectados y aún se encuentran en el rango admitido.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-09-30 CVE Reserved
- 2022-11-18 CVE Published
- 2024-07-09 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-131: Incorrect Calculation of Buffer Size
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/conv_ops_fused_image_transform.cc | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx | 2024-08-03 |
| URL | Date | SRC |
|---|---|---|
| https://github.com/tensorflow/tensorflow/commit/d66e1d568275e6a2947de97dca7a102a211e01ce | 2022-11-23 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | < 2.7.4 Search vendor "Google" for product "Tensorflow" and version " < 2.7.4" | - |
Affected
| ||||||
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | >= 2.8.0 < 2.8.1 Search vendor "Google" for product "Tensorflow" and version " >= 2.8.0 < 2.8.1" | - |
Affected
| ||||||
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | >= 2.9.0 < 2.9.1 Search vendor "Google" for product "Tensorflow" and version " >= 2.9.0 < 2.9.1" | - |
Affected
| ||||||
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | 2.10.0 Search vendor "Google" for product "Tensorflow" and version "2.10.0" | rc0 |
Affected
| ||||||
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | 2.10.0 Search vendor "Google" for product "Tensorflow" and version "2.10.0" | rc1 |
Affected
| ||||||
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | 2.10.0 Search vendor "Google" for product "Tensorflow" and version "2.10.0" | rc2 |
Affected
| ||||||
| Google Search vendor "Google" | Tensorflow Search vendor "Google" for product "Tensorflow" | 2.10.0 Search vendor "Google" for product "Tensorflow" and version "2.10.0" | rc3 |
Affected
| ||||||