AVID-2026-R1025

Description

Denial of service in TensorFlow due to lack of validation in tf.ragged.constant (CVE-2022-29202)

Details

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.ragged.constant does not fully validate the input arguments. This results in a denial of service by consuming all available memory. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

Reason for inclusion in AVID: CVE-2022-29202 describes a memory-exhaustion denial-of-service vulnerability in TensorFlow’s tf.ragged.constant due to input validation issues. TensorFlow is a core AI framework used in ML pipelines, so this is a software supply-chain-relevant issue affecting AI systems. It is a security vulnerability with clear CVE coverage and versioned remediation, supported by references to releases and advisories.

References

Affected or Relevant Artifacts

  • Developer: tensorflow
  • Deployer: tensorflow
  • Artifact Details:
      Type: System
      Name: tensorflow

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

  • Version: 3.1
  • Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • Base Score: 5.5
  • Base Severity: 🟠 Medium
  • Attack Vector: LOCAL
  • Attack Complexity: 🟢 Low
  • Privileges Required: 🟢 Low
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: 🔴 High

CWE

  • CWE-20: Improper Input Validation
  • CWE-400: Uncontrolled Resource Consumption

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2022-05-20
  • Version: 0.3.3