Login Sign Up

CVE-2022-23587

8.8 HIGH

📋 TL;DR

This CVE describes an integer overflow vulnerability in TensorFlow's Grappler component during cost estimation for crop and resize operations. Attackers can trigger undefined behavior by manipulating cropping parameters, potentially leading to crashes or arbitrary code execution. Users of affected TensorFlow versions are vulnerable.

💻 Affected Systems

Products:
  • TensorFlow
Versions: TensorFlow 2.5.0 to 2.7.0, and earlier versions if using crop and resize operations
Operating Systems: All platforms running TensorFlow
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using crop and resize operations with user-controlled parameters.

📦 What is this software?

Tensorflow by Google

View all CVEs affecting Tensorflow →

Tensorflow by Google

View all CVEs affecting Tensorflow →

Tensorflow by Google

View all CVEs affecting Tensorflow →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, or denial of service.

🟠

Likely Case

Application crashes, denial of service, or memory corruption leading to instability.

🟢

If Mitigated

Limited impact with proper input validation and sandboxing, potentially just crashes.

🌐 Internet-Facing: HIGH - TensorFlow models often process user-controlled inputs in web applications.
🏢 Internal Only: MEDIUM - Internal ML pipelines could be exploited by malicious insiders or compromised systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires specific crop and resize operations with malicious parameters.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: TensorFlow 2.8.0, 2.7.1, 2.6.3, 2.5.3

Vendor Advisory: https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8jj7-5vxc-pg2q

Restart Required: Yes

Instructions:

1. Check current TensorFlow version. 2. Upgrade to patched version via pip: pip install --upgrade tensorflow==2.8.0 (or appropriate version). 3. Restart all TensorFlow services and applications.

🔧 Temporary Workarounds

Input Validation

all

Validate and sanitize all user-controlled cropping parameters before passing to TensorFlow.

Disable Crop and Resize

all

Temporarily disable or replace crop and resize operations in ML pipelines if not critical.

🧯 If You Can't Patch

  • Implement strict input validation for all crop and resize parameters
  • Run TensorFlow in sandboxed/isolated environments with limited privileges

🔍 How to Verify

Check if Vulnerable:

Check TensorFlow version and verify if crop and resize operations are used with user inputs.

Check Version:

python -c "import tensorflow as tf; print(tf.__version__)"

Verify Fix Applied:

Verify TensorFlow version is 2.8.0, 2.7.1, 2.6.3, or 2.5.3 using version check command.

📡 Detection & Monitoring

Log Indicators:

  • TensorFlow crashes, segmentation faults, or abnormal termination logs related to crop/resize operations

Network Indicators:

  • Unusual patterns in ML inference requests with large or malformed cropping parameters

SIEM Query:

source="tensorflow" AND ("crop" OR "resize") AND ("crash" OR "segfault" OR "error")

📊 Metadata

CVE ID: CVE-2022-23587
CVSS v3 Score: 8.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-190
Published: February 4, 2022
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-23587, you might also want to check these:

CVE-2025-64721 10.0

This vulnerability in Sandboxie allows sandboxed processes to exploit an integer overflow in the Sbi...

Same vulnerability type (CWE-190)
CVE-2025-52581 9.8

An integer overflow vulnerability in libbiosig's GDF file parsing allows arbitrary code execution wh...

Same vulnerability type (CWE-190)
CVE-2025-53518 9.8

An integer overflow vulnerability in libbiosig's ABF file parser allows arbitrary code execution whe...

Same vulnerability type (CWE-190)