AVID-2026-R1090

Description

CHECK fail in FakeQuantWithMinMaxVarsPerChannelGradient in TensorFlow (CVE-2022-35990)

Details

TensorFlow is an open source platform for machine learning. When tf.quantization.fake_quant_with_min_max_vars_per_channel_gradient receives input min or max of rank other than 1, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit f3cf67ac5705f4f04721d15e485e192bb319feed. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.There are no known workarounds for this issue.

Reason for inclusion in AVID: CVE-2022-35990 affects TensorFlow, a core AI framework used in ML pipelines. It describes a vulnerability that can trigger a denial-of-service via an assertion failure in a TensorFlow operation, with public CVE and advisory details and a cited commit fix. This concerns software components used to build/train/deploy AI systems, aligning with software supply chain in AI stacks. Sufficient evidence is provided in the report.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h7ff-cfc9-wmmh
• https://github.com/tensorflow/tensorflow/commit/f3cf67ac5705f4f04721d15e485e192bb319feed

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2022-09-16
• Version: 0.3.3
• AVID Entry