PT-2022-16105 · Google · Tensorflow

Mihaimaruseac

·

Published

2022-02-04

·

Updated

2024-03-06

·

CVE-2022-23588

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

TensorFlow versions prior to 2.5.3 (fixed in 2.5.3)
TensorFlow versions 2.6.0 through 2.6.2 (fixed in 2.6.3)
TensorFlow version 2.7.0 (fixed in 2.7.1)
The fix is included in TensorFlow 2.8.0; every release prior to 2.8.0 other than the patched 2.5.3, 2.6.3 and 2.7.1 is affected.

Description

A malicious user can cause a denial of service by altering a SavedModel so that the Grappler optimizer attempts to build a tensor with a reference dtype (one of the DT_*_REF types). Reference types are not allowed there, so the Tensor constructor hits a CHECK-fail and the process aborts. The impact is availability only: any service that loads and optimizes an attacker-supplied model file can be crashed by it.

Recommendations

For TensorFlow versions prior to 2.5.3, update to version 2.5.3 or later.
For TensorFlow versions 2.6.0 through 2.6.2, update to version 2.6.3 or later.
For TensorFlow version 2.7.0, update to version 2.7.1 or later.
Alternatively, update to version 2.8.0 or later, which includes the fix.
Where upgrading is not immediately possible, load SavedModels only from trusted sources, since the crash is triggered by a tampered model file.
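As an added example (not TensorFlow's own fix and not code from this advisory), the following pre-load scan shows what "a reference dtype in the graph" looks like concretely and how a deployment that cannot upgrade yet might refuse such a model before Grappler ever sees it. It operates on the dict form a GraphDef takes after google.protobuf.json_format.MessageToDict(), so it runs without TensorFlow installed; the sample graph is constructed, and the only TensorFlow fact it relies on is the types.proto convention that every DT_*_REF enum value equals the non-reference value plus 100 (DT_FLOAT = 1, DT_FLOAT_REF = 101). In a real pipeline you would obtain the dict by parsing saved_model.pb with the SavedModel protobuf and converting each MetaGraphDef's graph_def.

```python
"""Pre-load scan of a TensorFlow GraphDef (dict form) for reference dtypes.

Added example, not TensorFlow's own fix. Works on the output shape of
google.protobuf.json_format.MessageToDict(graph_def); the sample below
is constructed by hand so the script runs without TensorFlow.
"""
from typing import Iterator, List, Tuple, Union

# tensorflow/core/framework/types.proto: DT_*_REF values are the base
# dtype value plus 100 (DT_FLOAT = 1 -> DT_FLOAT_REF = 101, etc.).
REF_OFFSET = 100


def is_reference_dtype(dtype: Union[int, str]) -> bool:
    """True for a DT_*_REF dtype, given the enum name or its integer value."""
    if isinstance(dtype, str):
        return dtype.startswith("DT_") and dtype.endswith("_REF")
    return dtype > REF_OFFSET


def _dtypes_in_attr(attr_value: dict) -> Iterator[Union[int, str]]:
    """Yield every dtype an AttrValue carries: type, list.type, tensor.dtype."""
    if "type" in attr_value:
        yield attr_value["type"]
    for t in attr_value.get("list", {}).get("type", []):
        yield t
    if "dtype" in attr_value.get("tensor", {}):
        yield attr_value["tensor"]["dtype"]


def find_reference_dtypes(graph_def: dict) -> List[Tuple[str, str, str]]:
    """Return (node_name, attr_name, dtype) for each reference dtype found.

    Scans top-level nodes and the nodes of every function in the graph's
    library, since an attacker can tamper with either.
    """
    findings: List[Tuple[str, str, str]] = []
    nodes = list(graph_def.get("node", []))
    for fn in graph_def.get("library", {}).get("function", []):
        nodes.extend(fn.get("nodeDef", []))
    for node in nodes:
        for attr_name, attr_value in node.get("attr", {}).items():
            for dtype in _dtypes_in_attr(attr_value):
                if is_reference_dtype(dtype):
                    findings.append((node.get("name", "?"), attr_name, str(dtype)))
    return findings


def assert_no_reference_dtypes(graph_def: dict) -> None:
    """Reject a graph that would trip the CHECK in the Tensor constructor."""
    findings = find_reference_dtypes(graph_def)
    if findings:
        detail = ", ".join(f"{n}.{a}={d}" for n, a, d in findings)
        raise ValueError(f"reference dtypes are not allowed in a GraphDef: {detail}")


# Constructed sample: a benign Const/Identity pair, plus an Identity whose T
# attribute was rewritten from DT_FLOAT to DT_FLOAT_REF, and a function-body
# Cast whose DstT is given as the integer enum 103 (DT_INT32_REF).
SAMPLE_GRAPH = {
    "node": [
        {"name": "c", "op": "Const",
         "attr": {"dtype": {"type": "DT_FLOAT"},
                  "value": {"tensor": {"dtype": "DT_FLOAT", "tensorShape": {},
                                       "floatVal": [1.0]}}}},
        {"name": "ok", "op": "Identity", "input": ["c"],
         "attr": {"T": {"type": "DT_FLOAT"}}},
        {"name": "tampered", "op": "Identity", "input": ["c"],
         "attr": {"T": {"type": "DT_FLOAT_REF"}}},
    ],
    "library": {"function": [
        {"signature": {"name": "f"},
         "nodeDef": [{"name": "inner", "op": "Cast",
                      "attr": {"SrcT": {"type": "DT_INT32"},
                               "DstT": {"type": 103}}}]},
    ]},
}

if __name__ == "__main__":
    for node, attr, dtype in find_reference_dtypes(SAMPLE_GRAPH):
        print(f"{node}.{attr} uses reference dtype {dtype}")
```

Run against the constructed graph the scan reports tampered.T and inner.DstT and assert_no_reference_dtypes raises; a clean graph passes silently. This is a defensive pre-filter, not a substitute for the upstream fix: it only catches dtype tampering, and the patched releases remain the actual remedy.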

Weakness Enumeration

Assertion Failure

Related Identifiers

BIT-TENSORFLOW-2022-23588
CVE-2022-23588
GHSA-FX5C-H9F6-RV7C
OPENSUSE-SU-2024:12116-1
PYSEC-2022-152
PYSEC-2022-97

Affected Products

Tensorflow