AVID-2026-R1152

Description

Out of bounds write in grappler in Tensorflow (CVE-2022-41902)

Details

TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.

Reason for inclusion in AVID: CVE-2022-41902 is an out-of-bounds write vulnerability in TensorFlow Grappler, a core component of the TensorFlow ML framework. It affects AI software stacks used to build/train/deploy AI models, representing a software supply-chain issue in GP AI systems. The advisory provides explicit vulnerability details and a patch/fix path, with multiple references (NVD/CVE, commit, etc.), establishing a security vulnerability with high impact. Sufficient signals are present to classify as a vulnerability worth curating in AI supply-chain contexts.

References

• NVD entry
• https://github.com/tensorflow/tensorflow/commit/a65411a1d69edfb16b25907ffb8f73556ce36bb7
• https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/grappler/utils/functions.cc#L221
• https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cg88-rpvp-cjv5

Affected or Relevant Artifacts

• Developer: tensorflow
• Deployer: tensorflow
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2022-12-06
• Version: 0.3.3
• AVID Entry