AVID-2026-R1091

Description

CHECK fail in TensorListScatter and TensorListScatterV2 in TensorFlow (CVE-2022-35991)

Details

TensorFlow is an open source platform for machine learning. When TensorListScatter and TensorListScatterV2 receive an element_shape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit bb03fdf4aae944ab2e4b35c7daa051068a8b7f61. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Reason for inclusion in AVID: CVE-2022-35991 describes a vulnerability in TensorFlow (an ML framework) where CHECK failures in TensorListScatter and TensorListScatterV2 can lead to denial of service. This directly concerns software used to build/train/deploy general-purpose AI systems, i.e., the AI software stack. It is a security vulnerability (CWE-617) with a published CVE and patch details. The issue is software-based (not hardware/firmware only) and affects dependencies/frameworks commonly used in AI pipelines, fitting the AVID criteria for software supply-chain issues in general-purpose AI systems. Sufficient evidence is provided via CVE entry, advisory, and commit patch information.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vm7x-4qhj-rrcq
• https://github.com/tensorflow/tensorflow/commit/bb03fdf4aae944ab2e4b35c7daa051068a8b7f61

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2022-09-16
• Version: 0.3.3
• AVID Entry