PT-2022-16106 · Google · Tensorflow
Mihaimaruseac · Published 2022-02-04 · Updated 2024-03-06 · CVE-2022-23589
CVSS v3.1: 6.5 Medium
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
TensorFlow versions prior to 2.8.0
TensorFlow versions 2.7.1 and earlier
TensorFlow versions 2.6.3 and earlier
TensorFlow versions 2.5.3 and earlier
Description
The Grappler component of TensorFlow can trigger a null pointer dereference under certain scenarios. This issue occurs in two places due to the malicious alteration of a SavedModel file. The first instance happens during constant folding when the GraphDef lacks the required nodes for a binary operation, resulting in a null mul_*child and an incorrect dereference. A similar issue arises during IsIdentityConsumingSwitch.
Recommendations
For versions prior to 2.8.0, update to TensorFlow 2.8.0 or later.
For versions 2.7.1 and earlier, update to TensorFlow 2.7.1 or later.
For versions 2.6.3 and earlier, update to TensorFlow 2.6.3 or later.
For versions 2.5.3 and earlier, update to TensorFlow 2.5.3 or later.
Exploit
Fix
NULL Pointer Dereference
Weakness Enumeration
Related Identifiers
Affected Products
Tensorflow