CVE-2022-23589

MEDIUM

TensorFlow < 2.5.3 - NULL Pointer Dereference in Grappler Component

Title source: llm
STIX 2.1

Description

Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a `SavedModel` file (fixing the first one would trigger the same dereference in the second place). First, during constant folding, the `GraphDef` might not have the required nodes for the binary operation. If a node is missing, the correposning `mul_*child` would be null, and the dereference in the subsequent line would be incorrect. We have a similar issue during `IsIdentityConsumingSwitch`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

References (5)

Core 5
Core References

Scores

CVSS v3 6.5
EPSS 0.0108
EPSS Percentile 60.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-476
Status published
Products (5)
google/tensorflow 2.7.0
google/tensorflow < 2.5.2
pypi/tensorflow 0 - 2.5.3PyPI
pypi/tensorflow-cpu 0 - 2.5.3PyPI
pypi/tensorflow-gpu 0 - 2.5.3PyPI
Published Feb 04, 2022
Tracked Since Feb 18, 2026