
AVID-2026-R1062

Description

OOB read in Gather_nd op in TensorFlow Lite (CVE-2022-35937)

Details

TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read is triggered. This issue has been patched in GitHub commit 595a65a3e224a0362d7e68c2213acfc2b499a196. The fix will be included in TensorFlow 2.10.0. We will also cherry-pick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Reason for inclusion in AVID: CVE-2022-35937 describes an out-of-bounds read in TensorFlow Lite's Gather_nd operation, a software vulnerability in a core ML framework used in AI pipelines. It affects TensorFlow Lite, a runtime/library commonly used to build, deploy, and run AI systems, and represents a security vulnerability with potential data exposure. Patches exist (commit and projected releases). Sufficient evidence is provided (CVE entry, advisories, patch details). Therefore it meets the AI-related, GP AI supply-chain, and security/safety vulnerability criteria with clear evidence.

References

Affected or Relevant Artifacts

  • Developer: tensorflow
  • Deployer: tensorflow
  • Artifact Details:
    Type: System
    Name: tensorflow

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

Version: 3.1
Vector String: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Base Score: 7.0
Base Severity: 🔴 High
Attack Vector: NETWORK
Attack Complexity: 🔴 High
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: 🟢 Low
Integrity Impact: 🟢 Low
Availability Impact: 🔴 High

CWE

ID: CWE-125
Description: Out-of-bounds Read

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2022-09-16
  • Version: 0.3.3
  • AVID Entry