CVE-2022-29210
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-29210
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-29210.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-29210
- Aliases
- Related
- Published
- 2022-05-21T00:15:11Z
- Modified
- 2025-07-02T00:52:10.925178Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
TensorFlow is an open source platform for machine learning. In version 2.8.0, the
TensorKeyhash function used total estimatedAllocatedBytes(), which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g.int32_t). It also tried to access individual tensor bytes throughtensor.data()of sizeAllocatedBytes(). This led to ASAN failures because theAllocatedBytes()is an estimate of total bytes allocated by a tensor, including any pointed-to constructs (e.g. strings), and does not refer to contiguous bytes in the.data()buffer. The discoverers could not use this byte vector anyway because types such aststringinclude pointers, whereas they needed to hash the string values themselves. This issue is patched in Tensorflow versions 2.9.0 and 2.8.1. - References
-
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hc2f-7r5r-r2hg
- https://github.com/tensorflow/tensorflow/commit/1b85a28d395dc91f4d22b5f9e1e9a22e92ccecd6
- https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/framework/tensor_key.h#L53-L64
- https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
- https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
Affected packages
Git / github.com/tensorflow/tensorflow
Affected ranges
- Type
- GIT
- Repo
- https://github.com/tensorflow/tensorflow
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixedFixed