CVE-2022-23581: `CHECK`-failures during Grappler's `IsSimplifiableReshape` in Tensorflow
6.5
CVSS Score
3.1
Basic Information
CVE ID
GHSA ID
EPSS Score
0.62772%
CWE
Published
2/7/2022
Updated
11/7/2024
KEV Status
No
Technology
Python
Technical Details
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
tensorflow | pip | < 2.5.3 | 2.5.3 |
tensorflow | pip | >= 2.6.0, < 2.6.3 | 2.6.3 |
tensorflow-cpu | pip | < 2.5.3 | 2.5.3 |
tensorflow-cpu | pip | >= 2.6.0, < 2.6.3 | 2.6.3 |
tensorflow-gpu | pip | < 2.5.3 | 2.5.3 |
tensorflow-gpu | pip | >= 2.6.0, < 2.6.3 | 2.6.3 |
tensorflow | pip | = 2.7.0 | 2.7.1 |
tensorflow-cpu | pip | = 2.7.0 | 2.7.1 |
tensorflow-gpu | pip | = 2.7.0 | 2.7.1 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from two specific CHECK assertions in IsSimplifiableReshape:
- CHECK_LE(2, node.input_size()) - Could fail if Reshape node has <2 inputs
- CHECK_EQ(1, outputs.size()) - Could fail if shape evaluation produced ≠1 output These were replaced with error returns in the patches (1fb2773 and 2406555). The CWE-617 (Reachable Assertion) classification confirms this pattern. The function's role in processing Reshape operations during optimization makes it a clear attack surface for crafted models.