TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1.* ops which dont yet have support for quantized types, which was added after migration to TensorFlow 2.x. In these scenarios, since the kernel is missing, a nullptr value is passed to ParseDimensionValue for the py_value argument. Then, this is dereferenced, resulting in segfault. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Tensorflow | * | 2.6.4 (excluding) | |
| Tensorflow | 2.7.0 (including) | 2.7.2 (excluding) | |
| Tensorflow | 2.7.0-rc0 (including) | 2.7.0-rc0 (including) | |
| Tensorflow | 2.7.0-rc1 (including) | 2.7.0-rc1 (including) | |
| Tensorflow | 2.8.0 (including) | 2.8.0 (including) | |
| Tensorflow | 2.8.0-rc0 (including) | 2.8.0-rc0 (including) | |
| Tensorflow | 2.8.0-rc1 (including) | 2.8.0-rc1 (including) | |
| Tensorflow | 2.9.0-rc0 (including) | 2.9.0-rc0 (including) | |
| Tensorflow | 2.9.0-rc1 (including) | 2.9.0-rc1 (including) |