Lucene search
PRIOn knowledge basePRION:CVE-2022-23594HistoryFeb 04, 2022 - 11:15 p.m.
Stack overflow
2022-02-0423:15:00
PRIOn knowledge base
www.prio-n.com
4
Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow (MLIR) makes several assumptions about the incoming GraphDef before converting it to the MLIR-based dialect. If an attacker changes the SavedModel format on disk to invalidate these assumptions and the GraphDef is then converted to MLIR-based IR then they can cause a crash in the Python interpreter. Under certain scenarios, heap OOB read/writes are possible. These issues have been discovered via fuzzing and it is possible that more weaknesses exist. We will patch them as they are discovered.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tensorflow | eq | 2.7.0 |
Related
cve
cve
CVE-2022-23594
2022-02-04 23:15:15
cvelist
cvelist
CVE-2022-23594 Out of bounds read in Tensorflow
2022-02-04 22:32:11
nvd
nvd
CVE-2022-23594
2022-02-04 23:15:15
osv
osv
Out of bounds read in Tensorflow
2022-02-09 23:32:41
CVE-2022-23594
2022-02-04 23:15:15
BIT-tensorflow-2022-23594
2024-03-06 11:14:43
github
github
Out of bounds read in Tensorflow
2022-02-09 23:32:41
cnvd
cnvd
Google Tensorflow Buffer Overflow Vulnerability (CNVD-2022-09865)
2022-02-09 00:00:00
