
AVID-2026-R1147

Description

FractionalMaxPoolGrad Heap out of bounds read in Tensorflow (CVE-2022-41897)

Details

TensorFlow is an open source platform for machine learning. If FractionalMaxPoolGrad is given oversized inputs for row_pooling_sequence and col_pooling_sequence, TensorFlow will crash. We have patched the issue in GitHub commit d71090c3e5ca325bdf4b02eb236cfb3ee823e927. The fix will be included in TensorFlow 2.11. We will also cherry-pick this commit onto TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still within the supported range.

Reason for inclusion in AVID: CVE-2022-41897 describes a heap out-of-bounds read in TensorFlow’s FractionalMaxPoolGrad. This is a software vulnerability affecting an AI framework used in ML pipelines. It resides in a component (TensorFlow) that is commonly deployed to build, train, and deploy AI systems, making it a legitimate software supply-chain issue for general-purpose AI systems. The report states the vulnerability behavior explicitly (a crash caused by an out-of-bounds read) and references the fixing commit in TensorFlow, giving sufficient evidence for remediation. No hardware- or firmware-only angles are involved. It is therefore retained for AVID curation as a vulnerability in the AI software supply chain.

References

Affected or Relevant Artifacts

  • Developer: tensorflow
  • Deployer: tensorflow
  • Artifact Details:
      Type: System
      Name: tensorflow

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

Version: 3.1
Vector String: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
Base Score: 4.8
Base Severity: 🟠 Medium
Attack Vector: NETWORK
Attack Complexity: 🔴 High
Privileges Required: 🟢 Low
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: 🔴 High

CWE

ID: CWE-125
Description: Out-of-bounds Read

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2022-11-18
  • Version: 0.3.3
  • AVID Entry