CVE-2022-23592

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-23592

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23592.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-23592

Aliases

Published

2022-02-04T22:32:14Z

Modified

2026-02-05T07:58:17.559511Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator

Summary

Out of bounds read in Tensorflow

Details

Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a DCHECK (which is a no-op during production). An attacker can control the input_idx variable such that ix would be larger than the number of values in node_t.args. The fix will be included in TensorFlow 2.8.0. This is the only affected version.

Database specific

{
    "cwe_ids": [
        "CWE-125"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/23xxx/CVE-2022-23592.json"
}

References

Affected packages

Git / github.com/tensorflow/tensorflow

Affected ranges

Type: GIT
Repo: https://github.com/tensorflow/tensorflow
Events: Introduced

c256c071bb26e1e13b4666d1b3e229e110bc914a

Fixed

c99d98cd189839dcf51aee94e7437b54b31f8abd

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23592.json"

vanir_signatures

[
    {
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd",
        "digest": {
            "line_hashes": [
                "136651980621224309214062973178986216571",
                "315342723120849409558061145063358964265",
                "278934803457203388621311444072048361556",
                "250291118351502504129999968134957631312",
                "2264576344377463300726046103558255457",
                "332267417778269824759097762631808357996",
                "72481936810125389658479841137545332434"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2022-23592-390d04c3",
        "deprecated": false,
        "target": {
            "file": "tensorflow/core/graph/graph.cc"
        }
    },
    {
        "signature_type": "Function",
        "signature_version": "v1",
        "source": "https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd",
        "digest": {
            "function_hash": "199817465963297102726003794640360933190",
            "length": 1581.0
        },
        "id": "CVE-2022-23592-65cb5a3a",
        "deprecated": false,
        "target": {
            "file": "tensorflow/core/graph/graph.cc",
            "function": "Node::RunForwardTypeInference"
        }
    }
]