AVID-2026-R1112

Description

CHECK fail in FakeQuantWithMinMaxVarsPerChannel in TensorFlow (CVE-2022-36019)

Details

TensorFlow is an open source platform for machine learning. If FakeQuantWithMinMaxVarsPerChannel is given min or max tensors of a rank other than one, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Reason for inclusion in AVID: CVE-2022-36019 describes a vulnerability in TensorFlow where a CHECK failure in FakeQuantWithMinMaxVarsPerChannel can be triggered to cause a denial-of-service. This is a software vulnerability in a core AI framework/library used to build/train/deploy AI systems. It affects TensorFlow versions in use and has an official patch, indicating clear evidence of a security issue in software supply chains. Therefore, it is relevant to AI-related software stacks and qualifies as a GP AI system supply-chain vulnerability.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/commit/785d67a78a1d533759fcd2f5e8d6ef778de849e0
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9j4v-pp28-mxv7

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2022-09-16
• Version: 0.3.3
• AVID Entry