`CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs` in TensorFlow
Description
TensorFlow is an open source platform for machine learning. When tensorflow::full_type::SubstituteFromAttrs receives a FullTypeDef& t that is not exactly three args, it triggers a CHECK-fail instead of returning a status. We have patched the issue in GitHub commit 6104f0d4091c260ce9352f9155f7e9b725eab012. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tensorflowPyPI | < 2.7.2 | 2.7.2 |
tensorflowPyPI | >= 2.8.0, < 2.8.1 | 2.8.1 |
tensorflowPyPI | >= 2.9.0, < 2.9.1 | 2.9.1 |
tensorflow-cpuPyPI | < 2.7.2 | 2.7.2 |
tensorflow-cpuPyPI | >= 2.8.0, < 2.8.1 | 2.8.1 |
tensorflow-cpuPyPI | >= 2.9.0, < 2.9.1 | 2.9.1 |
tensorflow-gpuPyPI | < 2.7.2 | 2.7.2 |
tensorflow-gpuPyPI | >= 2.8.0, < 2.8.1 | 2.8.1 |
tensorflow-gpuPyPI | >= 2.9.0, < 2.9.1 | 2.9.1 |
Affected products
1- Range: < 2.7.2
Patches
16104f0d4091cStrengthen input verification for SpecializeType by replacing DCHECK with explicit test/status return.
2 files changed · +18 −1
tensorflow/core/framework/full_type_util.cc+5 −1 modified@@ -175,7 +175,11 @@ Status SubstituteVar(AttrMap& attrs, FullTypeDef& t) { } Status SubstituteForEach(AttrMap& attrs, FullTypeDef& t) { - DCHECK_EQ(t.args_size(), 3); + if (t.args_size() != 3) { + return Status(error::INVALID_ARGUMENT, + absl::StrCat("illegal FOR_EACH type, expected 3 args, got ", + t.args_size())); + } const auto& cont = t.args(0); const auto& tmpl = t.args(1);
tensorflow/core/framework/full_type_util_test.cc+13 −0 modified@@ -510,6 +510,19 @@ TEST(SpecializeType, ForEachOverridesTargetOfNestedForEach) { EXPECT_EQ(t_actual.args(1).args(0).args(0).args_size(), 0); } +TEST(SpecializeType, ForEachRejectsMalformedInput) { + OpDef op; + FullTypeDef* t = op.add_output_arg()->mutable_experimental_full_type(); + t->set_type_id(TFT_FOR_EACH); + t->add_args()->set_type_id(TFT_PRODUCT); + + NodeDef ndef; + AttrSlice attrs(ndef); + + FullTypeDef ft; + EXPECT_FALSE(SpecializeType(attrs, op, ft).ok()); +} + TEST(SpecializeType, RemovesLegacyVariant) { OpDef op; FullTypeDef* t = op.add_output_arg()->mutable_experimental_full_type();
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- github.com/advisories/GHSA-g468-qj8g-vcjcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-36016ghsaADVISORY
- github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ops/math_ops.ccghsax_refsource_MISCWEB
- github.com/tensorflow/tensorflow/commit/6104f0d4091c260ce9352f9155f7e9b725eab012ghsax_refsource_MISCWEB
- github.com/tensorflow/tensorflow/releases/tag/v2.10.0ghsaWEB
- github.com/tensorflow/tensorflow/security/advisories/GHSA-g468-qj8g-vcjcghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.