We use cookies to improve your experience on our site.
AVID-2026-R1033
Description
Heap buffer overflow due to incorrect hash function in TensorFlow (CVE-2022-29210)
Details
TensorFlow is an open source platform for machine learning. In version 2.8.0, the TensorKey hash function used total estimated AllocatedBytes(), which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g. int32_t). It also tried to access individual tensor bytes through tensor.data() of size AllocatedBytes(). This led to ASAN failures because the AllocatedBytes() is an estimate of total bytes allocated by a tensor, including any pointed-to constructs (e.g. strings), and does not refer to contiguous bytes in the .data() buffer. The discoverers could not use this byte vector anyway because types such as tstring include pointers, whereas they needed to hash the string values themselves. This issue is patched in Tensorflow versions 2.9.0 and 2.8.1.
Reason for inclusion in AVID: The candidate describes a CVE in TensorFlow (a core ML framework) involving a heap buffer overflow in a component used for tensor hashing. This is a software vulnerability within an AI framework, affecting runtimes/dependencies used to build/train/deploy AI systems. It affects general-purpose AI software stacks; evidence includes affected versions and patches, signaling a vulnerability in the AI software supply chain.
References
- NVD entry
- https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
- https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hc2f-7r5r-r2hg
- https://github.com/tensorflow/tensorflow/commit/1b85a28d395dc91f4d22b5f9e1e9a22e92ccecd6
- https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/framework/tensor_key.h#L53-L64
Affected or Relevant Artifacts
- Developer: tensorflow
- Deployer: tensorflow
- Artifact Details:
| Type | Name |
|---|---|
| System | tensorflow |
Impact
AVID Taxonomy Categorization
- Risk domains: Security
- SEP subcategories: S0100: Software Vulnerability
- Lifecycle stages: L06: Deployment
CVSS
| Version | 3.1 |
| Vector String | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| Base Score | 5.5 |
| Base Severity | 🟠 Medium |
| Attack Vector | LOCAL |
| Attack Complexity | 🟢 Low |
| Privileges Required | 🟢 Low |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | 🔴 High |
CWE
| ID | Description |
|---|---|
| CWE-120 | CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) |
| CWE-122 | CWE-122: Heap-based Buffer Overflow |
Other information
- Report Type: Advisory
- Credits:
- Date Reported: 2022-05-20
- Version: 0.3.3
- AVID Entry