CVE Vulnerability

CVE-2022-23559

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both `embedding_size` and `lookup_size` are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write. Users are advised to upgrade to a patched version.

6.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

8.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/embedding_lookup_sparse.cc#L179-L189 Exploit Third Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5 Patch Third Party Advisory
https://github.com/tensorflow/tensorflow/commit/a4e401da71458d253b05e41f28637b65baf64be4 Patch Third Party Advisory
https://github.com/tensorflow/tensorflow/commit/1de49725a5fc4e48f1a3b902ec3599ee99283043 Patch Third Party Advisory
https://github.com/tensorflow/tensorflow/commit/f19be71717c497723ba0cea0379e84f061a75e01 Patch Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:google:tensorflow:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
Information

Published : 2022-02-04 11:15

Updated : 2022-02-09 06:53

NVD link : CVE-2022-23559

Mitre link : CVE-2022-23559

Products Affected
No products.
CWE
CWE-190