GSD-2022-41911
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
TensorFlow is an open source platform for machine learning. When printing a tensor, we get it's data as a `const char*` array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-41911",
"id": "GSD-2022-41911"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-41911"
],
"details": "TensorFlow is an open source platform for machine learning. When printing a tensor, we get it\u0027s data as a `const char*` array (since that\u0027s the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.",
"id": "GSD-2022-41911",
"modified": "2023-12-13T01:19:33.187404Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-41911",
"STATE": "PUBLIC",
"TITLE": "Invalid char to bool conversion when printing a tensor in Tensorflow"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tensorflow",
"version": {
"version_data": [
{
"version_value": "\u003e= 2.10.0, \u003c 2.10.1"
},
{
"version_value": "\u003e= 2.9.0, \u003c 2.9.3"
},
{
"version_value": "\u003c 2.8.4"
}
]
}
}
]
},
"vendor_name": "tensorflow"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TensorFlow is an open source platform for machine learning. When printing a tensor, we get it\u0027s data as a `const char*` array (since that\u0027s the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-704: Incorrect Type Conversion or Cast"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j",
"refsource": "CONFIRM",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j"
},
{
"name": "https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508"
},
{
"name": "https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227",
"refsource": "MISC",
"url": "https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227"
}
]
},
"source": {
"advisory": "GHSA-pf36-r9c6-h97j",
"discovery": "UNKNOWN"
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c2.8.4||\u003e=2.9.0,\u003c2.9.3||\u003e=2.10.0,\u003c2.10.1",
"affected_versions": "All versions before 2.8.4, all versions starting from 2.9.0 before 2.9.3, all versions starting from 2.10.0 before 2.10.1",
"cwe_ids": [
"CWE-1035",
"CWE-704",
"CWE-937"
],
"date": "2022-11-21",
"description": "TensorFlow is an open source platform for machine learning. When printing a tensor, we get it\u0027s data as a `const char*` array (since that\u0027s the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.",
"fixed_versions": [
"2.8.4",
"2.9.3",
"2.10.1"
],
"identifier": "CVE-2022-41911",
"identifiers": [
"GHSA-pf36-r9c6-h97j",
"CVE-2022-41911"
],
"not_impacted": "All versions starting from 2.8.4 before 2.9.0, all versions starting from 2.9.3 before 2.10.0, all versions starting from 2.10.1",
"package_slug": "pypi/tensorflow-cpu",
"pubdate": "2022-11-21",
"solution": "Upgrade to versions 2.8.4, 2.9.3, 2.10.1 or above.",
"title": "Incorrect Type Conversion or Cast",
"urls": [
"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j",
"https://nvd.nist.gov/vuln/detail/CVE-2022-41911",
"https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508",
"https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227",
"https://github.com/advisories/GHSA-pf36-r9c6-h97j"
],
"uuid": "bf439dc5-5b49-4cee-b116-4cbfc87e5d06"
},
{
"affected_range": "\u003c2.8.4||\u003e=2.9.0,\u003c2.9.3||\u003e=2.10.0,\u003c2.10.1",
"affected_versions": "All versions before 2.8.4, all versions starting from 2.9.0 before 2.9.3, all versions starting from 2.10.0 before 2.10.1",
"cwe_ids": [
"CWE-1035",
"CWE-704",
"CWE-937"
],
"date": "2022-11-21",
"description": "TensorFlow is an open source platform for machine learning. When printing a tensor, we get it\u0027s data as a `const char*` array (since that\u0027s the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.",
"fixed_versions": [
"2.8.4",
"2.10.1",
"2.9.3"
],
"identifier": "CVE-2022-41911",
"identifiers": [
"GHSA-pf36-r9c6-h97j",
"CVE-2022-41911"
],
"not_impacted": "All versions starting from 2.8.4 before 2.9.0, all versions starting from 2.9.3 before 2.10.0, all versions starting from 2.10.1",
"package_slug": "pypi/tensorflow-gpu",
"pubdate": "2022-11-21",
"solution": "Upgrade to versions 2.8.4, 2.10.1, 2.9.3 or above.",
"title": "Incorrect Type Conversion or Cast",
"urls": [
"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j",
"https://nvd.nist.gov/vuln/detail/CVE-2022-41911",
"https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508",
"https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227",
"https://github.com/advisories/GHSA-pf36-r9c6-h97j"
],
"uuid": "3880f485-6a3e-4418-9ab7-140b7e13ed91"
},
{
"affected_range": "\u003c2.8.4||\u003e=2.9.0,\u003c2.9.3||==2.10.0",
"affected_versions": "All versions before 2.8.4, all versions starting from 2.9.0 before 2.9.3, version 2.10.0",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-704",
"CWE-937"
],
"date": "2022-11-23",
"description": "TensorFlow is an open source platform for machine learning. When printing a tensor, we get it\u0027s data as a `const char*` array (since that\u0027s the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.",
"fixed_versions": [
"2.8.4",
"2.9.3",
"2.10.1"
],
"identifier": "CVE-2022-41911",
"identifiers": [
"CVE-2022-41911",
"GHSA-pf36-r9c6-h97j"
],
"not_impacted": "All versions starting from 2.8.4 before 2.9.0, all versions starting from 2.9.3 before 2.10.0, all versions after 2.10.0",
"package_slug": "pypi/tensorflow",
"pubdate": "2022-11-18",
"solution": "Upgrade to versions 2.8.4, 2.9.3, 2.10.1 or above.",
"title": "Incorrect Type Conversion or Cast",
"urls": [
"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j",
"https://nvd.nist.gov/vuln/detail/CVE-2022-41911",
"https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508",
"https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227",
"https://github.com/advisories/GHSA-pf36-r9c6-h97j"
],
"uuid": "87c933e7-0d01-43e1-89f1-d3d2adae8d29"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:tensorflow:2.10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.9.3",
"versionStartIncluding": "2.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.8.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-41911"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "TensorFlow is an open source platform for machine learning. When printing a tensor, we get it\u0027s data as a `const char*` array (since that\u0027s the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-704"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tensorflow/tensorflow/commit/1be743703279782a357adbf9b77dcb994fe8b508"
},
{
"name": "https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tensorflow/tensorflow/blob/807cae8a807960fd7ac2313cde73a11fc15e7942/tensorflow/core/framework/tensor.cc#L1200-L1227"
},
{
"name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-11-23T16:41Z",
"publishedDate": "2022-11-18T22:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…