Lucene search
GoogleOSV:CVE-2022-23592HistoryFeb 04, 2022 - 11:15 p.m.
CVE-2022-23592
2022-02-0423:15:15
Google
osv.dev
9
tensorflow
type inference
heap out of bounds
bounds checking
production
input_idx
node_t.args
fix
version 2.8.0
affected
Tensorflow is an Open Source Machine Learning Framework. TensorFlow’s type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK (which is a no-op during production). An attacker can control the input_idx variable such that ix would be larger than the number of values in node_t.args. The fix will be included in TensorFlow 2.8.0. This is the only affected version.
Related
cvelist
cvelist
CVE-2022-23592 Out of bounds read in Tensorflow
2022-02-04 22:32:14
cnvd
cnvd
Google Tensorflow Buffer Overflow Vulnerability (CNVD-2022-09864)
2022-02-09 00:00:00
github
github
Out of bounds read in Tensorflow
2022-02-09 23:31:48
osv
osv
PYSEC-2022-101
2022-02-04 23:15:00
BIT-tensorflow-2022-23592
2024-03-06 11:14:46
PYSEC-2022-156
2022-02-04 23:15:00
cve
cve
CVE-2022-23592
2022-02-04 23:15:15
nvd
nvd
CVE-2022-23592
2022-02-04 23:15:15
prion
prion
Heap overflow
2022-02-04 23:15:00
