CVE-2022-41900

Description

### Impact An input `pooling_ratio` that is smaller than 1 will trigger a heap OOB in [`tf.raw_ops.FractionalMaxPool`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/fractional_max_pool_op.cc) and [`tf.raw_ops.FractionalAvgPool`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/fractional_avg_pool_op.cc). ### Patches We have patched the issue in GitHub commit [216525144ee7c910296f5b05d214ca1327c9ce48](https://github.com/tensorflow/tensorflow/commit/216525144ee7c910296f5b05d214ca1327c9ce48). The fix will be included in TensorFlow 2.11.0. We will also cherry pick this commit on TensorFlow 2.10.1. ### For more information Please consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.

How to fix CVE-2022-41900

To remediate CVE-2022-41900, upgrade the affected package to a fixed version below.

• —upgrade to 2.8.4 or later
• —upgrade to 2.8.4 or later
• —upgrade to 2.8.4 or later
• —upgrade to 2.8.4 or later

Is CVE-2022-41900 being exploited?

Low — EPSS is 1.2%, meaning exploitation activity has not been observed at scale.

Affected packages (4)

• from 0, < 2.8.4, >= 2.9.0, < 2.9.3, >= 2.10.0, < 2.10.1
• from 0, < 2.8.4
• from 0, < 2.8.4
• from 0, < 2.8.4

CVSS scores

References (4)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-41900
• PATCHgithub.com/tensorflow/tensorflow
• WEBgithub.com/tensorflow/tensorflow/commit/216525144ee7c910296f5b05d214ca1327c9ce48
• WEBgithub.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472