AVID-2026-R0991

Description

Stack overflow in Tensorflow (CVE-2022-23591)

Details

Tensorflow is an Open Source Machine Learning Framework. The GraphDef format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a GraphDef containing a fragment such as the following can be consumed when loading a SavedModel. This would result in a stack overflow during execution as resolving each NodeDef means resolving the function itself and its nodes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

Reason for inclusion in AVID: CVE-2022-23591 describes a stack overflow in TensorFlow’s GraphDef processing that can be triggered during loading of a SavedModel, causing a potential denial of service. TensorFlow is a core AI framework; this vulnerability affects software components used to build, train, deploy, or serve AI models, representing a software supply chain issue in AI stacks. The report includes CVE details, affected versions, and CVSS-based impact, signaling a security vulnerability.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-247x-2f9f-5wp7
• https://github.com/tensorflow/tensorflow/commit/448a16182065bd08a202d9057dd8ca541e67996c

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2022-02-04
• Version: 0.3.3
• AVID Entry