Description
Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
References (4)
Core 4
Core References
Patch, Third Party Advisory x_refsource_confirm
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5qw5-89mw-wcg2
Patch, Third Party Advisory x_refsource_misc
https://github.com/tensorflow/tensorflow/commit/97282c6d0d34476b6ba033f961590b783fa184cd
Exploit, Third Party Advisory x_refsource_misc
https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.h#L394
Exploit, Third Party Advisory x_refsource_misc
https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/graph_properties.cc#L1132-L1141
Scores
CVSS v3
8.8
EPSS
0.0039
EPSS Percentile
60.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-787
Status
published
Products (5)
google/tensorflow
2.7.0
google/tensorflow
< 2.5.2
pypi/tensorflow
0 - 2.5.3PyPI
pypi/tensorflow-cpu
0 - 2.5.3PyPI
pypi/tensorflow-gpu
0 - 2.5.3PyPI
Published
Feb 04, 2022
Tracked Since
Feb 18, 2026