CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
54.5%
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel
such that Grappler optimizer would attempt to build a tensor using a reference dtype
. This would result in a crash due to a CHECK
-fail in the Tensor
constructor as reference types are not allowed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
[
{
"product": "tensorflow",
"vendor": "tensorflow",
"versions": [
{
"status": "affected",
"version": ">= 2.7.0, < 2.7.1"
},
{
"status": "affected",
"version": ">= 2.6.0, < 2.6.3"
},
{
"status": "affected",
"version": "< 2.5.3"
}
]
}
]
github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/tensor.cc#L733-L781
github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1328-L1402
github.com/tensorflow/tensorflow/commit/6b5adc0877de832b2a7c189532dbbbc64622eeb6
github.com/tensorflow/tensorflow/security/advisories/GHSA-fx5c-h9f6-rv7c