Lucene search
GoogleOSV:GHSA-H246-CGH4-7475HistoryNov 21, 2022 - 8:42 p.m.
`CHECK` fail in `BCast` overflow
2022-11-2120:42:10
Google
osv.dev
5
0.001 Low
EPSS
Percentile
36.0%
Impact
If BCast::ToShape is given input larger than an int32, it will crash, despite being supposed to handle up to an int64. An example can be seen in tf.experimental.numpy.outer by passing in large input to the input b.
import tensorflow as tf
value = tf.constant(shape=[2, 1024, 1024, 1024], value=False)
tf.experimental.numpy.outer(a=6,b=value)
Patches
We have patched the issue in GitHub commit 8310bf8dd188ff780e7fc53245058215a05bdbe5.
The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Pattarakrit Rattankul.
References
Related
nessus
nessus
CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41890)
2023-03-20 00:00:00
TensorFlow < 2.9.3 Multiple Vulnerabilities
2024-05-24 00:00:00
TensorFlow < 2.10.1 Multiple Vulnerabilities
2024-05-20 00:00:00
cnvd
cnvd
Google TensorFlow buffer overflow vulnerability (CNVD-2022-80683)
2022-11-23 00:00:00
cve
cve
CVE-2022-41890
2022-11-18 22:15:00
prion
prion
Design/Logic Flaw
2022-11-18 22:15:00
cvelist
cvelist
CVE-2022-41890 `CHECK` fail in `BCast` overflow in Tensorflow
2022-11-18 00:00:00
osv
osv
CVE-2022-41890
2022-11-18 22:15:16
BIT-tensorflow-2022-41890
2024-03-06 11:11:11
veracode
veracode
Denial Of Service (DoS)
2022-11-22 10:12:19
github
github
`CHECK` fail in `BCast` overflow
2022-11-21 20:42:10
cbl_mariner
cbl_mariner
CVE-2022-41890 affecting package tensorflow for versions less than 2.11.0-1
2022-12-09 20:03:11
