AVID-2026-R0993

Description

Segfault in simplifyBroadcast in Tensorflow (CVE-2022-23593)

Details

TensorFlow is an open source machine learning framework. The simplifyBroadcast function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (and hence denial of service) if called with scalar shapes. If all shapes are scalar, then maxRank is 0, so an empty SmallVector is built and subsequently indexed. The fix will be included in TensorFlow 2.8.0; this is the only affected version.

Reason for inclusion in AVID: CVE-2022-23593 describes a segfault vulnerability in TensorFlow’s MLIR-TFRT path that can cause denial of service when invoked with scalar shapes. TensorFlow is a core AI/ML framework, and this vulnerability affects software used to build/train/deploy AI systems, impacting the AI software supply chain. The report includes CVE details, affected components, and a fix timeline, providing clear evidence for inclusion.

References

Affected or Relevant Artifacts

  • Developer: tensorflow
  • Deployer: tensorflow
  • Artifact Details:
      Type: System
      Name: tensorflow

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

  • Version: 3.1
  • Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Base Score: 5.9
  • Base Severity: 🟠 Medium
  • Attack Vector: NETWORK
  • Attack Complexity: 🔴 High
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: 🔴 High

CWE

  • ID: CWE-754
  • Description: Improper Check for Unusual or Exceptional Conditions

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2022-02-04
  • Version: 0.3.3
  • AVID Entry