Lucene search
GoogleOSV:CVE-2022-41890HistoryNov 18, 2022 - 10:15 p.m.
CVE-2022-41890
2022-11-1822:15:16
Google
osv.dev
4
TensorFlow is an open source platform for machine learning. If BCast::ToShape is given input larger than an int32, it will crash, despite being supposed to handle up to an int64. An example can be seen in tf.experimental.numpy.outer by passing in large input to the input b. We have patched the issue in GitHub commit 8310bf8dd188ff780e7fc53245058215a05bdbe5. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
Related
cve
cve
CVE-2022-41890
2022-11-18 22:15:00
nessus
nessus
CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41890)
2023-03-20 00:00:00
TensorFlow < 2.10.1 Multiple Vulnerabilities
2024-05-20 00:00:00
TensorFlow < 2.9.3 Multiple Vulnerabilities
2024-05-24 00:00:00
cnvd
cnvd
Google TensorFlow buffer overflow vulnerability (CNVD-2022-80683)
2022-11-23 00:00:00
osv
osv
`CHECK` fail in `BCast` overflow
2022-11-21 20:42:10
BIT-tensorflow-2022-41890
2024-03-06 11:11:11
prion
prion
Design/Logic Flaw
2022-11-18 22:15:00
cvelist
cvelist
CVE-2022-41890 `CHECK` fail in `BCast` overflow in Tensorflow
2022-11-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-11-22 10:12:19
github
github
`CHECK` fail in `BCast` overflow
2022-11-21 20:42:10
cbl_mariner
cbl_mariner
CVE-2022-41890 affecting package tensorflow for versions less than 2.11.0-1
2022-12-09 20:03:11
