How severe is CVE-2022-23578?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2022-23578?

This is classified as CWE-401, which is a common weakness in software security.

CVE-2022-23578

MEDIUM Year: 2022

CVSS v3 Score

4.3

Medium

CVSS v2 Score

4.0

Medium

Weakness Type

CWE-401

View all →

Vulnerability Description

Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of `ImmutableExecutorState::Initialize`. Here, we set `item->kernel` to `nullptr` but it is a simple `OpKernel*` pointer so the memory that was previously allocated to it would leak. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

CVE-2018-0891

MEDIUM

CVSS:4.3(Medium)

ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Wi...

CWE-4012018

CVE-2019-6606

MEDIUM

CVSS:4.3(Medium)

On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, when processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory.

CWE-4012019

CVE-2020-27725

MEDIUM

CVSS:4.3(Medium)

In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed...

CWE-4012020

CVE-2020-9104

MEDIUM

CVSS:4.3(Medium)

HUAWEI P30 smartphones with Versions earlier than 10.1.0.123(C431E22R2P5),Versions earlier than 10.1.0.123(C432E22R2P5),Versions earlier than 10.1.0.126(C10E7R5P1),Versions earlier than 10.1.0.126(C18...

CWE-4012020

CVE-2021-45346

MEDIUM

CVSS:4.3(Medium)

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subs...

CWE-4012021

CVE-2021-47031

MEDIUM

CVSS:4.3(Medium)

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix memory leak in mt7921_coredump_work Fix possible memory leak in mt7921_coredump_work.

CWE-4012021

CVE-2022-23578

Vulnerability Description

Related Vulnerabilities

CVE-2018-0891

CVE-2019-6606

CVE-2020-27725

CVE-2020-9104

CVE-2021-45346

CVE-2021-47031