AVID-2026-R0982

Description

Abort caused by allocating a vector that is too large in Tensorflow (CVE-2022-23580)

Details

Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

Reason for inclusion in AVID: CVE-2022-23580 describes a vulnerability in TensorFlow where shape inference can allocate a large vector based on user-controlled input, causing uncontrolled resource consumption (DoS). TensorFlow is a core AI framework used in building and running ML pipelines, so this is a software vulnerability affecting AI systems. The CVE includes explicit impact, affected versions, and references, providing clear evidence of a security vulnerability in a software component integral to AI supply chains.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-627q-g293-49q7
• https://github.com/tensorflow/tensorflow/commit/1361fb7e29449629e1df94d44e0427ebec8c83c7
• https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/framework/shape_inference.cc#L788-L790

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2022-02-04
• Version: 0.3.3
• AVID Entry