Lucene search
GoogleOSV:PYSEC-2022-133HistoryFeb 03, 2022 - 1:15 p.m.
PYSEC-2022-133
2022-02-0313:15:00
Google
osv.dev
18
tensorflow
denial of service
vulnerability
patched
github
tensorflow 2.8.0
cherrypick
commit
supported range
EPSS
0.001
Percentile
32.8%
Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails (i.e., assertion failures). This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. It is possible that other similar instances exist in TensorFlow, we will issue fixes as these are discovered. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
Related
osv
osv
CVE-2022-23569
2022-02-03 13:15:08
BIT-tensorflow-2022-23569
2024-03-06 11:15:16
PYSEC-2022-78
2022-02-03 13:15:00
cvelist
cvelist
cnvd
cnvd
Tensorflow Denial of Service Vulnerability (CNVD-2022-31833)
2022-02-25 00:00:00
nvd
nvd
CVE-2022-23569
2022-02-03 13:15:08
veracode
veracode
Denial Of Service (DoS)
2022-02-11 10:06:50
prion
prion
Stack overflow
2022-02-03 13:15:00
cve
cve
CVE-2022-23569
2022-02-03 13:15:08
github
github
`CHECK`-fails when building invalid tensor shapes in Tensorflow
2022-02-09 23:38:56
