PT-2022-23093 · Google · Tensorflow

刘力源 · Published 2022-09-16 · Updated 2024-03-06 · CVE-2022-35995

CVSS v3.1: 5.9 Medium

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

TensorFlow versions prior to 2.10.0. TensorFlow versions 2.9.1, 2.8.1, and 2.7.2 are also affected.

Description

The issue occurs when AudioSummaryV2 receives an input sample rate with more than one element, resulting in a CHECK failure that can be used to trigger a denial of service attack. There are no known workarounds for this issue.

Recommendations

For TensorFlow versions prior to 2.10.0, update to version 2.10.0 or later to resolve the issue. For TensorFlow versions 2.9.1, 2.8.1, and 2.7.2, update to the respective patched versions to resolve the issue. As a temporary workaround, consider avoiding the use of AudioSummaryV2 with input sample rate having more than one element until a patch is available.
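One way to enforce the temporary workaround at the application boundary is to reject a multi-element sample rate before it reaches the op. This is an added example, not code from the advisory or from TensorFlow; `element_count`, `guarded_audio_summary` and the `summary_fn` parameter are hypothetical names, and the guard is deliberately stricter than the description by also rejecting empty and unknown-size inputs.

```python
from math import prod
from numbers import Real


def element_count(value):
    """Count the elements in a scalar, a nested list/tuple, or a shaped array."""
    shape = getattr(value, "shape", None)  # NumPy arrays and tensors expose .shape
    if shape is not None:
        dims = list(shape)
        if any(d is None for d in dims):
            # Size not known until run time: fail closed instead of guessing.
            raise ValueError("sample_rate has an unknown dimension")
        return prod(int(d) for d in dims)  # empty shape (rank 0) gives 1
    if isinstance(value, (list, tuple)):
        return sum(element_count(v) for v in value)
    if isinstance(value, Real) and not isinstance(value, bool):
        return 1
    raise TypeError(f"unsupported sample_rate type: {type(value).__name__}")


def guarded_audio_summary(summary_fn, tag, audio, sample_rate, **kwargs):
    """Call summary_fn only when sample_rate holds exactly one element.

    summary_fn is a caller-supplied callable (hypothetical) that forwards its
    arguments to the audio summary op in the installed TensorFlow build.
    """
    n = element_count(sample_rate)
    if n != 1:
        raise ValueError(f"sample_rate must hold exactly 1 element, got {n}")
    return summary_fn(tag, audio, sample_rate, **kwargs)
```

Raising a Python exception here turns a process-terminating CHECK failure into an error the service can log and handle per request.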

Exploit

Fix

Assertion Failure

Weakness Enumeration

Related Identifiers

BIT-TENSORFLOW-2022-35995
CVE-2022-35995
GHSA-G9H5-VR8M-X2H4
OPENSUSE-SU-2024:12355-1

Affected Products

Tensorflow