AVID-2026-R0951

Description

Undefined behavior in Tensorflow (CVE-2022-21736)

Details

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are some preconditions that these arguments must satisfy but these are not validated in the implementation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

Reason for inclusion in AVID: CVE-2022-21736 describes an undefined behavior in TensorFlow (SparseTensorSliceDataset) that can dereference a null pointer under certain conditions. TensorFlow is a core AI/ML framework, and the vulnerability affects software components used to build/train/deploy AI systems. This is a software supply-chain issue within the AI stack (libraries/frameworks) rather than hardware/firmware. The report provides concrete details, affected versions, and references, including fixes, supporting its classification as a security vulnerability in the AI software supply chain.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pfjj-m3jj-9jc9
• https://github.com/tensorflow/tensorflow/commit/965b97e4a9650495cda5a8c210ef6684b4b9eceb
• https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L227-L292

Affected or Relevant Artifacts

• Developer: n/a
• Deployer: n/a
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2022-02-03
• Version: 0.3.3
• AVID Entry