
AVID-2026-R0986

Description

Use after free in DecodePng in Tensorflow (CVE-2022-23584)

Details

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode(&decode) gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
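
The ordering bug the paragraph above describes, shown as an added worked example. This is a constructed model written for this page, not TensorFlow's code: DecodeContext, CommonInitDecode, CommonFinishDecode and CommonFreeDecode are simplified stand-ins that borrow the advisory's names, the "PNG" inputs are hand-built byte arrays whose CRCs are zero and whose pixel payload is raw RGB rather than zlib-compressed IDAT data, and DecodePngVulnerable/DecodePngHardened are hypothetical callers. What carries over is the shape of the bug: the error path tears the context down and then formats a message from decode.width and decode.height, versus the fix pattern of capturing the dimensions before teardown.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>

// Constructed stand-in for a decoder context (not TensorFlow's DecodeContext):
// only "dimensions live in state torn down on the error path" is modelled.
struct DecodeContext { int width = 0; int height = 0; int channels = 3; };

struct DecodeResult { bool ok = false; int width = 0; int height = 0; std::string error; };

static uint32_t ReadBE32(const unsigned char* p) {
  return (uint32_t(p[0]) << 24) | (uint32_t(p[1]) << 16) | (uint32_t(p[2]) << 8) | p[3];
}

// Model of CommonInitDecode: check the PNG signature and read IHDR
// width/height (big-endian at offsets 16 and 20); nullptr on a bad header.
static DecodeContext* CommonInitDecode(const unsigned char* data, size_t len) {
  static const unsigned char kSig[8] = {0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A};
  if (len < 33) return nullptr;  // signature + complete IHDR chunk
  for (int i = 0; i < 8; ++i) if (data[i] != kSig[i]) return nullptr;
  if (ReadBE32(data + 8) != 13 || std::string(reinterpret_cast<const char*>(data + 12), 4) != "IHDR")
    return nullptr;
  DecodeContext* ctx = new DecodeContext;
  ctx->width = static_cast<int>(ReadBE32(data + 16));
  ctx->height = static_cast<int>(ReadBE32(data + 20));
  return ctx;
}

// Model of CommonFinishDecode: the toy treats bytes after the IHDR chunk as
// raw RGB (real PNGs carry zlib-compressed IDAT chunks) and fails when fewer
// than width*height*channels bytes are present, i.e. "invalid PNG data".
static bool CommonFinishDecode(const DecodeContext* ctx, size_t len) {
  return len - 33 >= size_t(ctx->width) * size_t(ctx->height) * size_t(ctx->channels);
}

// Model of CommonFreeDecode: after it returns, ctx points at freed memory.
static void CommonFreeDecode(DecodeContext* ctx) { delete ctx; }

// Buggy ordering, as the advisory describes: width/height are read from ctx
// after CommonFreeDecode. Call only in an AddressSanitizer build.
DecodeResult DecodePngVulnerable(const unsigned char* data, size_t len) {
  DecodeResult r;
  DecodeContext* ctx = CommonInitDecode(data, len);
  if (!ctx) { r.error = "Invalid PNG header"; return r; }
  if (!CommonFinishDecode(ctx, len)) {
    CommonFreeDecode(ctx);
    r.width = ctx->width;    // use after free
    r.height = ctx->height;  // use after free
    r.error = "Invalid PNG data for " + std::to_string(r.width) + "x" + std::to_string(r.height);
    return r;
  }
  r.ok = true; r.width = ctx->width; r.height = ctx->height;
  CommonFreeDecode(ctx);
  return r;
}

// Hardened ordering: copy the dimensions out while ctx is alive and never
// dereference ctx after CommonFreeDecode.
DecodeResult DecodePngHardened(const unsigned char* data, size_t len) {
  DecodeResult r;
  DecodeContext* ctx = CommonInitDecode(data, len);
  if (!ctx) { r.error = "Invalid PNG header"; return r; }
  r.width = ctx->width;    // captured before any teardown
  r.height = ctx->height;
  r.ok = CommonFinishDecode(ctx, len);
  CommonFreeDecode(ctx);
  ctx = nullptr;           // the dangling pointer cannot be reused by accident
  if (!r.ok) r.error = "Invalid PNG data for " + std::to_string(r.width) + "x" + std::to_string(r.height);
  return r;
}

// Constructed inputs; CRC fields are zero (the toy ignores them).
const unsigned char kTruncated[] = {  // 64x32 IHDR, no pixel payload
  0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A, 0, 0, 0, 13, 'I', 'H', 'D', 'R',
  0, 0, 0, 64, 0, 0, 0, 32, 8, 2, 0, 0, 0, 0, 0, 0, 0};
const unsigned char kTiny[] = {  // 2x2 IHDR plus 12 raw RGB bytes
  0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A, 0, 0, 0, 13, 'I', 'H', 'D', 'R',
  0, 0, 0, 2, 0, 0, 0, 2, 8, 2, 0, 0, 0, 0, 0, 0, 0,
  255, 0, 0, 0, 255, 0, 0, 0, 255, 255, 255, 255};

int main(int argc, char** argv) {
  DecodeResult a = DecodePngHardened(kTiny, sizeof(kTiny));
  std::printf("tiny: ok=%d %dx%d\n", a.ok, a.width, a.height);
  DecodeResult b = DecodePngHardened(kTruncated, sizeof(kTruncated));
  std::printf("truncated: ok=%d error=\"%s\"\n", b.ok, b.error.c_str());
  // Build with -fsanitize=address and pass "uaf" to see the heap-use-after-free report.
  if (argc > 1 && std::string(argv[1]) == "uaf")
    std::printf("%s\n", DecodePngVulnerable(kTruncated, sizeof(kTruncated)).error.c_str());
  return 0;
}
```

Without a sanitizer the buggy path usually "works" and prints whatever happens to sit in the freed block, which is why this class of bug survives functional tests; `g++ -g -fsanitize=address example.cc && ./a.out uaf` turns the read into a heap-use-after-free report pointing at the two lines after CommonFreeDecode. The hardened version also nulls the pointer after teardown so a later edit cannot quietly reintroduce the same ordering.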

Reason for inclusion in AVID: CVE-2022-23584 describes a use-after-free vulnerability in TensorFlow’s PNG decoding path. TensorFlow is a core AI framework used in ML pipelines, so this is a software vulnerability in a component commonly used to build/train/deploy AI systems. It affects software supply chain aspects (dependencies/frameworks) rather than hardware/firmware. The CVE includes explicit security impact, affected software, and references to fixes, meeting criteria for AI relevance, supply chain relevance, and security impact.

References

Affected or Relevant Artifacts

  • Developer: tensorflow
  • Deployer: tensorflow
  • Artifact Details:
      Type: System
      Name: tensorflow

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

  • Version: 3.1
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • Base Score: 7.6
  • Base Severity: High
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: High

CWE

  • ID: CWE-416
  • Description: Use After Free

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2022-02-04
  • Version: 0.3.3
  • AVID Entry