CVE-2022-23591

HIGH

Google Tensorflow < 2.5.2 - Denial of Service

Title source: rule

Description

Tensorflow is an Open Source Machine Learning Framework. The `GraphDef` format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a `GraphDef` containing a fragment such as the following can be consumed when loading a `SavedModel`. This would result in a stack overflow during execution as resolving each `NodeDef` means resolving the function itself and its nodes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

References (2)

[Patch, Third Party Advisory] https://github.com/tensorflow/tensorflow/security/advisories/GHSA-247x-2f9f-5wp7

[Patch, Third Party Advisory] https://github.com/tensorflow/tensorflow/commit/448a16182065bd08a202d9057dd8ca541e67996c

View Patch ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0034

EPSS Percentile 56.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-674 CWE-400

Status published

Products (5)

google/tensorflow 2.7.0

google/tensorflow < 2.5.2

pypi/tensorflow 0 - 2.5.3PyPI

pypi/tensorflow-cpu 0 - 2.5.3PyPI

pypi/tensorflow-gpu 0 - 2.5.3PyPI

Published Feb 04, 2022

Tracked Since Feb 18, 2026