CVE-2022-23593
Severity: MEDIUM
TensorFlow 2.7.0-2.8.0 - Denial of Service via Scalar Shape Handling in simplifyBroadcast
Title source: llmDescription
TensorFlow is an open-source machine learning framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service) if called with scalar shapes. If all shapes are scalar, then `maxRank` is 0, so an empty `SmallVector` is built. The fix will be included in TensorFlow 2.8.0. This is the only affected version.
References (3)
- Patch, Third Party Advisory (x_refsource_confirm): https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2
- Patch, Third Party Advisory (x_refsource_misc): https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a
Scores
CVSS v3: 5.9
EPSS: 0.0086
EPSS Percentile: 53.5%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: no
Technical Impact: partial
Details
CWE: CWE-754
Status: published
Products (4)
- google/tensorflow: 2.7.0 - 2.8.0
- pypi/tensorflow: 2.8.0-rc0 - 2.8.0 (PyPI)
- pypi/tensorflow-cpu: 2.8.0-rc0 - 2.8.0 (PyPI)
- pypi/tensorflow-gpu: 2.8.0-rc0 - 2.8.0 (PyPI)
Published: Feb 04, 2022
Tracked Since: Feb 18, 2026