CVE-2022-35937

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-35937
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-35937.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-35937
Aliases
Downstream
Related
Published
2022-09-16T19:40:20Z
Modified
2026-05-10T04:15:37.195744Z
Severity
  • 7.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H CVSS Calculator
Summary
OOB read in `Gather_nd` op in TensorFlow Lite
Details

TensorFlow is an open source platform for machine learning. The GatherNd function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read is triggered. This issue has been patched in GitHub commit 595a65a3e224a0362d7e68c2213acfc2b499a196. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/35xxx/CVE-2022-35937.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-125"
    ]
}
References

Affected packages

Git / github.com/tensorflow/tensorflow

Affected ranges

Type
GIT
Repo
https://github.com/tensorflow/tensorflow
Events
Introduced
c256c071bb26e1e13b4666d1b3e229e110bc914a
Fixed
dd7b8a3c1714d0052ce4b4a2fd8dcef927439a24
Introduced
3f878cff5b698b82eea85db2b60d65a2e320850e
Fixed
0516d4d8bced506cae97dc3cb45dbd2fe4311f26
Introduced
8a20d54a3c1bfa38c03ea99a2ad3c1b0a45dfa95
Fixed
d8ce9f9c301d021a69953134185ab728c1c248d3
Fixed
595a65a3e224a0362d7e68c2213acfc2b499a196
Database specific 
{
    "cpe": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
    "source": [
        "CPE_FIELD",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "2.7.0"
        },
        {
            "fixed": "2.7.2"
        },
        {
            "introduced": "2.8.0"
        },
        {
            "fixed": "2.8.1"
        },
        {
            "introduced": "2.9.0"
        },
        {
            "fixed": "2.9.1"
        }
    ]
}

Affected versions

v2.*
v2.7.0
v2.7.1
v2.8.0
v2.9.0

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-35937.json"