CVE-2022-29207

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-29207

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-29207.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-29207

Aliases

Published

2022-05-20T22:10:12Z

Modified

2025-10-30T20:11:23.956628Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

Undefined behavior when users supply invalid resource handles in TensorFlow

Details

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but migration to TF 2.x eager mode opened up this vulnerability. If the resource handle is empty, then a reference is bound to a null pointer inside TensorFlow codebase (various codepaths). This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

Database specific

{
    "cwe_ids": [
        "CWE-20",
        "CWE-475"
    ]
}

References

Affected packages

Git / github.com/tensorflow/tensorflow

Affected ranges

Type

GIT

Repo

https://github.com/tensorflow/tensorflow

Events

Introduced

Fixed

33ed2b11cb8e879d86c371700e6573db1814a69e

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.6.4"
        }
    ]
}

Type

GIT

Repo

https://github.com/tensorflow/tensorflow

Events

Introduced

ce35e5c3a8efdb8161c6a85c8fb9ffb5bbdc9ffd

Fixed

dd7b8a3c1714d0052ce4b4a2fd8dcef927439a24

Database specific

{
    "versions": [
        {
            "introduced": "2.7.0rc0"
        },
        {
            "fixed": "2.7.2"
        }
    ]
}

Type

GIT

Repo

https://github.com/tensorflow/tensorflow

Events

Introduced

804ef7223ef08fd14c274b4a4044cc4aeee68863

Fixed

0516d4d8bced506cae97dc3cb45dbd2fe4311f26

Database specific

{
    "versions": [
        {
            "introduced": "2.8.0rc0"
        },
        {
            "fixed": "2.8.1"
        }
    ]
}

Type

GIT

Repo

https://github.com/tensorflow/tensorflow

Events

Introduced

8727d035e7aa593720d16a5f57f70f3b5a93bd00

Fixed

8a20d54a3c1bfa38c03ea99a2ad3c1b0a45dfa95

Database specific

{
    "versions": [
        {
            "introduced": "2.9.0rc0"
        },
        {
            "fixed": "2.9.0"
        }
    ]
}

Affected versions

0.*

0.12.0-rc0

0.12.0-rc1

0.12.1

0.5.0

0.6.0

v0.*

v0.10.0

v0.10.0rc0

v0.11.0

v0.11.0rc0

v0.11.0rc1

v0.11.0rc2

v0.12.0

v0.7.0

v0.7.1

v0.8.0rc0

v0.9.0

v0.9.0rc0

v1.*

v1.0.0

v1.0.0-alpha

v1.0.0-rc0

v1.0.0-rc1

v1.0.0-rc2

v1.1.0

v1.1.0-rc0

v1.1.0-rc1

v1.1.0-rc2

v1.12.0

v1.12.0-rc0

v1.12.0-rc1

v1.12.0-rc2

v1.12.1

v1.2.0

v1.2.0-rc0

v1.2.0-rc1

v1.2.0-rc2

v1.3.0-rc0

v1.3.0-rc1

v1.5.0

v1.5.0-rc0

v1.5.0-rc1

v1.6.0

v1.6.0-rc0

v1.6.0-rc1

v1.7.0

v1.7.0-rc0

v1.7.0-rc1

v1.8.0

v1.8.0-rc0

v1.8.0-rc1

v1.9.0

v1.9.0-rc0

v1.9.0-rc1

v1.9.0-rc2

v2.*

v2.6.0

v2.6.0-rc0

v2.6.0-rc1

v2.6.0-rc2

v2.6.1

v2.6.2

v2.6.3

v2.7.0

v2.7.0-rc0

v2.7.0-rc1

v2.7.1

v2.8.0

v2.8.0-rc0

v2.8.0-rc1

v2.9.0-rc0

v2.9.0-rc1

v2.9.0-rc2