CVE-2022-23559

moderate-risk
Published 2022-02-04

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both `embedding_size` and `lookup_size` are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write. Users are advised to upgrade to a patched version.

Do I need to act?

-
0.52% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (2)

Affected Vendors

Google

References (10)

Exploit https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd74...
Patch https://github.com/tensorflow/tensorflow/commit/1de49725a5fc4e48f1a3b902ec3599ee...
Patch https://github.com/tensorflow/tensorflow/commit/a4e401da71458d253b05e41f28637b65...
Patch https://github.com/tensorflow/tensorflow/commit/f19be71717c497723ba0cea0379e84f0...
Patch https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5
Exploit https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd74...
Patch https://github.com/tensorflow/tensorflow/commit/1de49725a5fc4e48f1a3b902ec3599ee...
Patch https://github.com/tensorflow/tensorflow/commit/a4e401da71458d253b05e41f28637b65...
Patch https://github.com/tensorflow/tensorflow/commit/f19be71717c497723ba0cea0379e84f0...
Patch https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5
39
/ 100
moderate-risk
Severity 30/34 · Critical
Exploitability 2/34 · Minimal
Exposure 7/34 · Low