Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-yvef-kyv2-qbea
Vulnerability ID VCID-yvef-kyv2-qbea
Aliases GHSA-h6gw-r52c-724r
GMS-2022-49
GMS-2022-52
GMS-2022-55
Summary NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow ### Impact The code for boosted trees in TensorFlow is still missing validation. This allows malicious users to read and write outside of bounds of heap allocated data as well as trigger denial of service (via dereferencing `nullptr`s or via `CHECK`-failures). This follows after CVE-2021-41208 where these APIs were still vulnerable to multiple security issues. **Note**: Given that the boosted trees implementation in TensorFlow is unmaintained, it is recommend to no longer use these APIs. Instead, please use the downstream [TensorFlow Decision Forests] project which is newer and supports more features. These APIs are now deprecated in TensorFlow 2.8. We will remove TensorFlow's boosted trees APIs in subsequent releases. ### Patches We have patched the known issues in multiple GitHub commits. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. This should allow users to use existing boosted trees APIs for a while until they migrate to TensorFlow Decision Forests while guaranteeing that known vulnerabilities are fixed. ### For more information Please consult our security guide for more information regarding the security model and how to contact us with issues and questions. ### Attribution These vulnerabilities have been reported by Yu Tian of Qihoo 360 AIVul Team and Faysal Hossain Shezan from University of Virginia. Some of the issues have been discovered internally after a careful audit of the APIs.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-476 NULL Pointer Dereference
CWE-824 Access of Uninitialized Pointer
System Score Found at
cvssv3.1_qr CRITICAL https://github.com/advisories/GHSA-h6gw-r52c-724r
cvssv3.1 9.3 https://github.com/tensorflow/tensorflow
generic_textual CRITICAL https://github.com/tensorflow/tensorflow
cvssv3.1 9.3 https://github.com/tensorflow/tensorflow/blob/e0b6e58c328059829c3eb968136f17aa72b6c876/tensorflow/core/kernels/boosted_trees/stats_ops.cc
generic_textual CRITICAL https://github.com/tensorflow/tensorflow/blob/e0b6e58c328059829c3eb968136f17aa72b6c876/tensorflow/core/kernels/boosted_trees/stats_ops.cc
cvssv3.1 9.3 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88
generic_textual CRITICAL https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88
cvssv3.1 9.3 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6gw-r52c-724r
cvssv3.1_qr CRITICAL https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6gw-r52c-724r
generic_textual CRITICAL https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6gw-r52c-724r
Reference id Reference type URL
https://github.com/tensorflow/tensorflow
https://github.com/tensorflow/tensorflow/blob/e0b6e58c328059829c3eb968136f17aa72b6c876/tensorflow/core/kernels/boosted_trees/stats_ops.cc
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88
GHSA-h6gw-r52c-724r https://github.com/advisories/GHSA-h6gw-r52c-724r
GHSA-h6gw-r52c-724r https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6gw-r52c-724r
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/blob/e0b6e58c328059829c3eb968136f17aa72b6c876/tensorflow/core/kernels/boosted_trees/stats_ops.cc
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6gw-r52c-724r
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

No EPSS data available for this vulnerability.

Date Actor Action Source VulnerableCode Version
2026-05-30T20:56:54.881553+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/tensorflow/GMS-2022-49.yml 38.6.0