AVID-2026-R1110

Description

CHECK-fail in tensorflow::full_type::SubstituteFromAttrs in TensorFlow (CVE-2022-36016)

Details

TensorFlow is an open source platform for machine learning. When tensorflow::full_type::SubstituteFromAttrs receives a FullTypeDef& t that is not exactly three args, it triggers a CHECK-fail instead of returning a status. We have patched the issue in GitHub commit 6104f0d4091c260ce9352f9155f7e9b725eab012. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Reason for inclusion in AVID: CVE-2022-36016 concerns TensorFlow, a core AI framework. It describes a security vulnerability (reachable assertion) that can cause a crash in the AI software stack, affecting deployments and serving of ML models. The vulnerability is in a software component used to build/train/deploy AI systems, with a patch committed and affected versions listed, fulfilling the criteria for a software supply-chain vulnerability in general-purpose AI systems. The report provides explicit evidence (commit, affected versions, CVE entry) supporting its AI relevance, software-supply-chain scope, and security impact.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g468-qj8g-vcjc
• https://github.com/tensorflow/tensorflow/commit/6104f0d4091c260ce9352f9155f7e9b725eab012
• https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ops/math_ops.cc

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2022-09-16
• Version: 0.3.3
• AVID Entry