CVE-2022-36014: Null-dereference in `mlir::tfg::TFOp::nameAttr` in TensorFlow
First published: Fri Sep 16 2022(Updated: )
TensorFlow is an open source platform for machine learning. When `mlir::tfg::TFOp::nameAttr` receives null type list attributes, it crashes. We have patched the issue in GitHub commits 3a754740d5414e362512ee981eefba41561a63a6 and a0f0b9a21c9270930457095092f558fbad4c03e5. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google TensorFlow | <2.7.2 | |
| Google TensorFlow | >=2.8.0<2.8.1 | |
| Google TensorFlow | >=2.9.0<2.9.1 | |
| Google TensorFlow | =2.10-rc0 | |
| Google TensorFlow | =2.10-rc1 | |
| Google TensorFlow | =2.10-rc2 | |
| Google TensorFlow | =2.10-rc3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ir/importexport/graphdef_import.cc
- https://github.com/tensorflow/tensorflow/commit/3a754740d5414e362512ee981eefba41561a63a6
- https://github.com/tensorflow/tensorflow/commit/a0f0b9a21c9270930457095092f558fbad4c03e5
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7j3m-8g3c-9qqq
Frequently Asked Questions
What is CVE-2022-36014?
CVE-2022-36014 is a vulnerability in TensorFlow where `mlir::tfg::TFOp::nameAttr` crashes when it receives null type list attributes.
Which versions of TensorFlow are affected by CVE-2022-36014?
Versions up to and including TensorFlow 2.7.2 are affected by CVE-2022-36014.
Is there a fix for CVE-2022-36014?
Yes, the fix for CVE-2022-36014 is included in GitHub commits 3a754740d5414e362512ee981eefba41561a63a6 and a0f0b9a21c9270930457095092f558fbad4c03e5.
Where can I find more information about CVE-2022-36014?
You can find more information about CVE-2022-36014 on the GitHub links: [GitHub Link 1](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ir/importexport/graphdef_import.cc), [GitHub Link 2](https://github.com/tensorflow/tensorflow/commit/3a754740d5414e362512ee981eefba41561a63a6), [GitHub Link 3](https://github.com/tensorflow/tensorflow/commit/a0f0b9a21c9270930457095092f558fbad4c03e5).
What is the severity rating of CVE-2022-36014?
CVE-2022-36014 has a severity rating of 7.5 (high).
- collector/nvd-index
- agent/type
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/severity
- agent/author
- agent/remedy
- agent/tags
- agent/event
- agent/first-publish-date
- agent/description
- vendor/google
- canonical/google tensorflow
- version/google tensorflow/2.8.0
- version/google tensorflow/2.9.0
- version/google tensorflow/2.10-rc0
- version/google tensorflow/2.10-rc1
- version/google tensorflow/2.10-rc2
- version/google tensorflow/2.10-rc3