CVE-2022-41911
MEDIUMTensorFlow < 2.8.4, 2.9.0-2.9.3, 2.10.0-2.10.1 - Denial of Service via Undefined Char-to-Bool Conversion
Title source: llmDescription
TensorFlow is an open source platform for machine learning. When printing a tensor, we get it's data as a `const char*` array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
References (3)
Core 3
Core References
Patch, Third Party Advisory
https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227
Patch, Third Party Advisory
https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508
Patch, Third Party Advisory
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j
Scores
CVSS v3
4.8
EPSS
0.0040
EPSS Percentile
31.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-704
Status
published
Products (5)
google/tensorflow
2.10.0
google/tensorflow
< 2.8.4
pypi/tensorflow
0 - 2.8.4PyPI
pypi/tensorflow-cpu
2.9.0 - 2.9.3PyPI
pypi/tensorflow-gpu
2.10.0 - 2.10.1PyPI
Published
Nov 18, 2022
Tracked Since
Feb 18, 2026