Lucene search
GoogleOSV:CVE-2022-23569HistoryFeb 03, 2022 - 1:15 p.m.
CVE-2022-23569
2022-02-0313:15:08
Google
osv.dev
7
tensorflow
denial of service
vulnerability
patch
github
fix
tfsa-2021-198
machine learning
EPSS
0.001
Percentile
32.8%
Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails (i.e., assertion failures). This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. It is possible that other similar instances exist in TensorFlow, we will issue fixes as these are discovered. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
Related
cvelist
cvelist
osv
osv
PYSEC-2022-133
2022-02-03 13:15:00
BIT-tensorflow-2022-23569
2024-03-06 11:15:16
PYSEC-2022-78
2022-02-03 13:15:00
cnvd
cnvd
Tensorflow Denial of Service Vulnerability (CNVD-2022-31833)
2022-02-25 00:00:00
nvd
nvd
CVE-2022-23569
2022-02-03 13:15:08
veracode
veracode
Denial Of Service (DoS)
2022-02-11 10:06:50
prion
prion
Stack overflow
2022-02-03 13:15:00
cve
cve
CVE-2022-23569
2022-02-03 13:15:08
github
github
`CHECK`-fails when building invalid tensor shapes in Tensorflow
2022-02-09 23:38:56
