CVE-2022-41887 — MEDIUM (4.8)

Q: How severe is CVE-2022-41887?

CVE-2022-41887 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-41887?

Check the references section above for vendor advisories and patch information. Affected products include: Google Tensorflow.

Vulnerability Description

TensorFlow is an open source platform for machine learning. `tf.keras.losses.poisson` receives a `y_pred` and `y_true` that are passed through `functor::mul` in `BinaryOp`. If the resulting dimensions overflow an `int32`, TensorFlow will crash due to a size mismatch during broadcast assignment. We have patched the issue in GitHub commit c5b30379ba87cbe774b08ac50c1f6d36df4ebb7c. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1 and 2.9.3, as these are also affected and still in supported range. However, we will not cherrypick this commit into TensorFlow 2.8.x, as it depends on Eigen behavior that changed between 2.8 and 2.9.

CVSS Score

4.8

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Google	Tensorflow	>= 2.9.0, < 2.9.3

Related Weaknesses (CWE)

CWE-131

References

https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/cwiThird Party Advisory
https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/keras/losThird Party Advisory
https://github.com/tensorflow/tensorflow/commit/c5b30379ba87cbe774b08ac50c1f6d36PatchThird Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fvv-46hw-vpg3ExploitPatchThird Party Advisory
https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/cwiThird Party Advisory
https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/keras/losThird Party Advisory
https://github.com/tensorflow/tensorflow/commit/c5b30379ba87cbe774b08ac50c1f6d36PatchThird Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fvv-46hw-vpg3ExploitPatchThird Party Advisory

FAQ

What is CVE-2022-41887?

CVE-2022-41887 is a vulnerability with a CVSS score of 4.8 (MEDIUM). TensorFlow is an open source platform for machine learning. `tf.keras.losses.poisson` receives a `y_pred` and `y_true` that are passed through `functor::mul` in `BinaryOp`. If the resulting dimensions...

How severe is CVE-2022-41887?

CVE-2022-41887 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-41887?

Check the references section above for vendor advisories and patch information. Affected products include: Google Tensorflow.