CVE-2022-29208 - 漏洞详情

CVE-2022-29208 (CNNVD-202205-3903)

HIGH

中文标题:

Google TensorFlow缓冲区错误漏洞

英文标题:

Segfault and Out-of-bounds Write write due to incomplete validation in TensorFlow

CVSS分数: 7.1

发布时间: 2022-05-20 22:30:13

漏洞类型: 缓冲区错误

状态: PUBLISHED

数据质量分数: 0.30

数据版本: v3

漏洞描述

中文描述:

Google TensorFlow是美国谷歌（Google）公司的一套用于机器学习的端到端开源平台。 Google TensorFlow 2.9.0之前版本、2.8.1之前版本、2.7.2之前版本和2.6.4之前版本存在缓冲区错误漏洞，该漏洞源于tf.raw_ops.EditDistance对于实现的验证不完整。攻击者可以传递负值来利用该漏洞触发基于分段错误的拒绝服务。

英文描述:

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.EditDistance` has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service. In multiple places throughout the code, one may compute an index for a write operation. However, the existing validation only checks against the upper bound of the array. Hence, it is possible to write before the array by massaging the input to generate negative values for `loc`. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

CWE类型:

CWE-787

受影响产品

厂商	产品	版本	版本范围	平台	CPE
tensorflow	tensorflow	< 2.6.4	-	-	`cpe:2.3:a:tensorflow:tensorflow:<_2.6.4:::::::*`
tensorflow	tensorflow	>= 2.7.0rc0, < 2.7.2	-	-	`cpe:2.3:a:tensorflow:tensorflow:>=_2.7.0rc0,_<_2.7.2:::::::*`
tensorflow	tensorflow	>= 2.8.0rc0, < 2.8.1	-	-	`cpe:2.3:a:tensorflow:tensorflow:>=_2.8.0rc0,_<_2.8.1:::::::*`
tensorflow	tensorflow	>= 2.9.0rc0, < 2.9.0	-	-	`cpe:2.3:a:tensorflow:tensorflow:>=_2.9.0rc0,_<_2.9.0:::::::*`
google	tensorflow	*	-	-	`cpe:2.3:a:google:tensorflow::::::::`
google	tensorflow	2.7.0	-	-	`cpe:2.3:a:google:tensorflow:2.7.0:rc0::::::`
google	tensorflow	2.8.0	-	-	`cpe:2.3:a:google:tensorflow:2.8.0:-::::::`
google	tensorflow	2.9.0	-	-	`cpe:2.3:a:google:tensorflow:2.9.0:rc0::::::`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）