AVID-2026-R0971

Description

Integer overflows in Tensorflow (CVE-2022-23568)

Details

Tensorflow is an Open Source Machine Learning Framework. The implementation of AddManySparseToTensorsMap is vulnerable to an integer overflow which results in a CHECK-fail when building new TensorShape objects (so, an assert failure based denial of service). We are missing some validation on the shapes of the input tensors as well as directly constructing a large TensorShape with user-provided dimensions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

Reason for inclusion in AVID: This CVE describes an integer overflow in TensorFlow’s AddManySparseToTensorsMap leading to a CHECK-fail and denial of service. TensorFlow is a core AI framework used to build/train/deploy general-purpose AI systems, so the vulnerability resides in the AI software stack. It is a software security vulnerability in a widely-used dependency applicable to ML pipelines, constituting a software supply-chain issue for GP AI systems. The report provides concrete vulnerability details, affected versions, and CVE references, giving sufficient signal.

References

Affected or Relevant Artifacts

Developer: n/a
Deployer: n/a
Artifact Details:

Type	Name
System	n/a

Impact

AVID Taxonomy Categorization

Risk domains: Security
SEP subcategories: S0100: Software Vulnerability
Lifecycle stages: L06: Deployment

CVSS

Version	3.1
Vector String	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score	6.5
Base Severity	🟠 Medium
Attack Vector	NETWORK
Attack Complexity	🟢 Low
Privileges Required	🟢 Low
User Interaction	NONE
Scope	UNCHANGED
Confidentiality Impact	NONE
Integrity Impact	NONE
Availability Impact	🔴 High

Other information

Report Type: Advisory
Credits:
Date Reported: 2022-02-03
Version: 0.3.3
AVID Entry