AVID-2026-R1088

Description

CHECK fail in DenseBincount in TensorFlow (CVE-2022-35987)

Details

TensorFlow is an open source platform for machine learning. DenseBincount assumes its input tensor weights to either have the same shape as its input tensor input or to be length-0. A different weights shape will trigger a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bf4c14353c2328636a18bfad1e151052c81d5f43. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Reason for inclusion in AVID: CVE-2022-35987 describes a vulnerability in TensorFlow’s DenseBincount that can trigger a denial-of-service via a mis-specified weights shape. TensorFlow is a core AI framework used to build/train/deploy AI systems, so this is a software supply-chain vulnerability within AI pipelines. The report provides affected versions, a fix commit, and explicit security impact, meeting the criteria for a security vulnerability with sufficient evidence.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w62h-8xjm-fv49
• https://github.com/tensorflow/tensorflow/commit/bf4c14353c2328636a18bfad1e151052c81d5f43

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2022-09-16
• Version: 0.3.3
• AVID Entry