AVID-2026-R1073

Description

Segfault in QuantizedAvgPool in TensorFlow (CVE-2022-35966)

Details

TensorFlow is an open source platform for machine learning. If QuantizedAvgPool is given min_input or max_input tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7cdf9d4d2083b739ec81cfdace546b0c99f50622. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Reason for inclusion in AVID: CVE-2022-35966 is a software vulnerability in TensorFlow (an AI framework) causing a segfault and potential denial-of-service. TensorFlow is a core component used in building/training/deploying AI systems, so this affects the AI software supply chain. The report provides explicit vulnerability details, patch information, and references, giving clear evidence.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4w68-4x85-mjj9
• https://github.com/tensorflow/tensorflow/commit/7cdf9d4d2083b739ec81cfdace546b0c99f50622

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2022-09-16
• Version: 0.3.3
• AVID Entry