Miggo Logo

CVE-2022-23591: Stack overflow in TensorFlow

7.5

CVSS Score
3.1

Basic Information

EPSS Score
0.55695%
Published
2/9/2022
Updated
11/13/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
tensorflowpip< 2.5.32.5.3
tensorflowpip>= 2.6.0, < 2.6.32.6.3
tensorflowpip= 2.7.02.7.1
tensorflow-cpupip< 2.5.32.5.3
tensorflow-cpupip>= 2.6.0, < 2.6.32.6.3
tensorflow-cpupip= 2.7.02.7.1
tensorflow-gpupip< 2.5.32.5.3
tensorflow-gpupip>= 2.6.0, < 2.6.32.6.3
tensorflow-gpupip= 2.7.02.7.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from missing validation in the SavedModel loader when processing function definitions. The commit 448a161 added ValidateFunctionNotRecursive to loader.cc to check for self-referential functions, indicating the vulnerable code path was in the function processing logic. The original implementation in ValidateSavedTensors processed function node_defs without recursion checks, making these functions vulnerable to malicious GraphDef inputs. The high confidence comes from the explicit patch location and the vulnerability's dependency on function loading mechanics.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t T** `*r*p****` *orm*t in T*nsor*low *o*s not *llow s*l* r**ursiv* *un*tions. T** runtim* *ssum*s t**t t*is inv*ri*nt is s*tis*i**. *ow*v*r, * `*r*p****` *ont*inin* * *r**m*nt su** *s t** *ollowin* **n ** *onsum** w**n lo**in* * `S*v**Mo**l

Reasoning

T** vuln*r**ility st*ms *rom missin* v*li**tion in t** S*v**Mo**l lo***r w**n pro**ssin* *un*tion ***initions. T** *ommit ******* ***** V*li**t**un*tionNotR**ursiv* to lo***r.** to ****k *or s*l*-r***r*nti*l *un*tions, in*i**tin* t** vuln*r**l* *o**