#VU62998 Use-after-free in TensorFlow - CVE-2022-23584

Cybersecurity Help s.r.o.

Published: 2022-05-11 | Updated: 2022-05-11

Vulnerability identifier: #VU62998

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-23584

CWE-ID: CWE-416

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
TensorFlow
Server applications / Other server solutions

Vendor: TensorFlow

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when decoding PNG images. A remote attacker can pass a specially crafted PNG image, trigger a use-after-free error and execute arbitrary code on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

TensorFlow: 2.0.0 - 2.0.4, 2.1.0 - 2.1.4, 2.2.0 - 2.2.3, 2.3.0 - 2.3.4, 2.4.0 - 2.4.4, 2.5.0 - 2.5.2, 2.6.0 - 2.6.2, 2.7.0

External links
https://github.com/tensorflow/tensorflow/commit/e746adbfcfee15e9cfdb391ff746c765b99bdf9b
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-24x4-6qmh-88qg
https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/kernels/image/decode_image_op.cc#L339-L346

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in TensorFlow