High severityNVD Advisory· Published Feb 4, 2022· Updated Apr 22, 2025
Out of bounds write in Tensorflow
CVE-2022-23566
Description
Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in Grappler. The set_output function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tensorflowPyPI | < 2.5.3 | 2.5.3 |
tensorflowPyPI | >= 2.6.0, < 2.6.3 | 2.6.3 |
tensorflowPyPI | >= 2.7.0, < 2.7.1 | 2.7.1 |
tensorflow-cpuPyPI | < 2.5.3 | 2.5.3 |
tensorflow-cpuPyPI | >= 2.6.0, < 2.6.3 | 2.6.3 |
tensorflow-cpuPyPI | >= 2.7.0, < 2.7.1 | 2.7.1 |
tensorflow-gpuPyPI | < 2.5.3 | 2.5.3 |
tensorflow-gpuPyPI | >= 2.6.0, < 2.6.3 | 2.6.3 |
tensorflow-gpuPyPI | >= 2.7.0, < 2.7.1 | 2.7.1 |
Affected products
1- Range: >= 2.7.0, < 2.7.1
Patches
197282c6d0d34Prevent a crash due to heap OOB write in grappler.
1 file changed · +6 −1
tensorflow/core/grappler/costs/graph_properties.cc+6 −1 modified@@ -1134,7 +1134,12 @@ class SymbolicShapeRefiner { GetUnknownOutputShape(node, output_port); InferenceContext* ctx = GetContext(node); if (ctx == nullptr) { - return errors::InvalidArgument("Missing context"); + return errors::InvalidArgument("SetUnknownShape: Missing context"); + } + if (output_port < 0 || output_port >= ctx->num_outputs()) { + return errors::InvalidArgument( + "SetUnknownShape: output_port must be in [0, ", ctx->num_outputs(), + ") but was ", output_port); } ctx->set_output(output_port, shape); return Status::OK();
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
8- github.com/advisories/GHSA-5qw5-89mw-wcg2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-23566ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-75.yamlghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-130.yamlghsaWEB
- github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.hghsax_refsource_MISCWEB
- github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/costs/graph_properties.ccghsax_refsource_MISCWEB
- github.com/tensorflow/tensorflow/commit/97282c6d0d34476b6ba033f961590b783fa184cdghsax_refsource_MISCWEB
- github.com/tensorflow/tensorflow/security/advisories/GHSA-5qw5-89mw-wcg2ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.