Lucene search

[email protected]NVD:CVE-2022-21732

HistoryFeb 03, 2022 - 12:15 p.m.

CVE-2022-21732

2022-02-0312:15:07

CWE-770

[email protected]

web.nvd.nist.gov

tensorflow

denial of service

vulnerability

fix

threadpoolhandle

memory allocation

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

60.0%

JSON

Tensorflow is an Open Source Machine Learning Framework. The implementation of ThreadPoolHandle can be used to trigger a denial of service attack by allocating too much memory. This is because the num_threads argument is only checked to not be negative, but there is no upper bound on its value. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

Affected configurations

Nvd

Node

googletensorflowRange≤2.5.2

googletensorflowRange2.6.0–2.6.2

googletensorflowMatch2.7.0

VendorProductVersionCPE
googletensorflow*cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
googletensorflow2.7.0cpe:2.3:a:google:tensorflow:2.7.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	tensorflow	*	cpe:2.3:a:google:tensorflow::::::::
google	tensorflow	2.7.0	cpe:2.3:a:google:tensorflow:2.7.0:::::::*

References

github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/experimental/threadpool_dataset_op.cc#L79-L135

github.com/tensorflow/tensorflow/commit/e3749a6d5d1e8d11806d4a2e9cc3123d1a90b75e

github.com/tensorflow/tensorflow/security/advisories/GHSA-c582-c96p-r5cq