CVE-2022-23589 — MEDIUM (6.5)

Q: How severe is CVE-2022-23589?

CVE-2022-23589 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-23589?

Check the references section above for vendor advisories and patch information. Affected products include: Google Tensorflow.

Vulnerability Description

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a `SavedModel` file (fixing the first one would trigger the same dereference in the second place). First, during constant folding, the `GraphDef` might not have the required nodes for the binary operation. If a node is missing, the correposning `mul_*child` would be null, and the dereference in the subsequent line would be incorrect. We have a similar issue during `IsIdentityConsumingSwitch`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Google	Tensorflow	<= 2.5.2

Related Weaknesses (CWE)

CWE-476

References

https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715ExploitThird Party Advisory
https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715ExploitThird Party Advisory
https://github.com/tensorflow/tensorflow/commit/045deec1cbdebb27d817008ad5df94d9PatchThird Party Advisory
https://github.com/tensorflow/tensorflow/commit/0a365c029e437be0349c31f8d4c9926bPatchThird Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9px9-73fg-3fqpPatchThird Party Advisory
https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715ExploitThird Party Advisory
https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715ExploitThird Party Advisory
https://github.com/tensorflow/tensorflow/commit/045deec1cbdebb27d817008ad5df94d9PatchThird Party Advisory
https://github.com/tensorflow/tensorflow/commit/0a365c029e437be0349c31f8d4c9926bPatchThird Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9px9-73fg-3fqpPatchThird Party Advisory

FAQ

What is CVE-2022-23589?

CVE-2022-23589 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for ...

How severe is CVE-2022-23589?

CVE-2022-23589 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-23589?

Check the references section above for vendor advisories and patch information. Affected products include: Google Tensorflow.