2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
32.6%
There is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1.*
ops which don’t yet have support for quantized types (added after migration to TF 2.x):
import numpy as np
import tensorflow as tf
tf.compat.v1.placeholder_with_default(input=np.array([2]),shape=tf.constant(dtype=tf.qint8, value=np.array([1])))
In these scenarios, since the kernel is missing, a nullptr
value is passed to ParseDimensionValue
for the py_value
argument. Then, this is dereferenced, resulting in segfault.
We have patched the issue in GitHub commit 237822b59fc504dda2c564787f5d3ad9c4aa62d9.
The fix will be included in TensorFlow 2.9.0. We will also cherrypick this commit on TensorFlow 2.8.1, TensorFlow 2.7.2, and TensorFlow 2.6.4, as these are also affected and still in supported range.
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
This vulnerability has been reported by Hong Jin from Singapore Management University.
CPE | Name | Operator | Version |
---|---|---|---|
tensorflow-gpu | lt | 2.8.1 | |
tensorflow-gpu | lt | 2.7.2 | |
tensorflow-gpu | lt | 2.6.4 | |
tensorflow-cpu | lt | 2.8.1 | |
tensorflow-cpu | lt | 2.7.2 | |
tensorflow-cpu | lt | 2.6.4 | |
tensorflow | lt | 2.8.1 | |
tensorflow | lt | 2.7.2 | |
tensorflow | lt | 2.6.4 |
github.com/advisories/GHSA-54ch-gjq5-4976
github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/python/eager/pywrap_tfe_src.cc#L296-L320
github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/python/eager/pywrap_tfe_src.cc#L480-L482
github.com/tensorflow/tensorflow/commit/237822b59fc504dda2c564787f5d3ad9c4aa62d9
github.com/tensorflow/tensorflow/releases/tag/v2.6.4
github.com/tensorflow/tensorflow/releases/tag/v2.7.2
github.com/tensorflow/tensorflow/releases/tag/v2.8.1
github.com/tensorflow/tensorflow/releases/tag/v2.9.0
github.com/tensorflow/tensorflow/security/advisories/GHSA-54ch-gjq5-4976
nvd.nist.gov/vuln/detail/CVE-2022-29205
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
32.6%