Lucene search
GoogleOSV:CVE-2022-23561HistoryFeb 04, 2022 - 11:15 p.m.
CVE-2022-23561
2022-02-0423:15:13
Google
osv.dev
5
tensorflow
tflite
vulnerability
memory allocator
write primitive
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
Related
osv
osv
BIT-tensorflow-2022-23561
2024-03-06 11:15:26
PYSEC-2022-70
2022-02-04 23:15:00
PYSEC-2022-125
2022-02-04 23:15:00
cvelist
cvelist
CVE-2022-23561 Out of bounds write in TFLite
2022-02-04 22:32:46
cnvd
cnvd
Google Tensorflow Buffer Overflow Vulnerability (CNVD-2022-09887)
2022-02-09 00:00:00
prion
prion
Out-of-bounds
2022-02-04 23:15:00
github
github
Out of bounds write in TFLite
2022-02-09 23:53:47
nvd
nvd
CVE-2022-23561
2022-02-04 23:15:13
cve
cve
CVE-2022-23561
2022-02-04 23:15:13
