CVE-2022-29208

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.EditDistance` has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service. In multiple places throughout the code, one may compute an index for a write operation. However, the existing validation only checks against the upper bound of the array. Hence, it is possible to write before the array by massaging the input to generate negative values for `loc`. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
googletensorflow
𝑥
< 2.6.4
googletensorflow
2.7.0 ≤
𝑥
< 2.7.2
googletensorflow
2.7.0:rc0
googletensorflow
2.7.0:rc1
googletensorflow
2.8.0
googletensorflow
2.8.0:rc0
googletensorflow
2.8.0:rc1
googletensorflow
2.9.0:rc0
googletensorflow
2.9.0:rc1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/tensorflow/tensorflow/commit/30721cf564cb029d34535446d6a5a6357bebc8e7
https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2r2f-g8mw-9gvr
https://github.com/tensorflow/tensorflow/commit/30721cf564cb029d34535446d6a5a6357bebc8e7
https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2r2f-g8mw-9gvr