CVE-2022-35935: CWE-617: Reachable Assertion in tensorflow tensorflow
TensorFlow is an open source platform for machine learning. The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure (assertion failure) caused by assuming `input(0)`, `input(1)`, and `input(2)` to be scalar. This issue has been patched in GitHub commit c65c67f88ad770662e8f191269a907bf2b94b1bf. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.
AI Analysis
Technical Summary
CVE-2022-35935 is a medium-severity denial-of-service vulnerability in TensorFlow's SobolSampleOp, the kernel behind `tf.math.sobol_sample` (`tf.raw_ops.SobolSample`), which generates low-discrepancy (quasi-random) Sobol points. The kernel takes three operands, `dim`, `num_results` and `skip`, and reads them as scalars (`input(0)`, `input(1)` and `input(2)`) without first verifying their shape. When an operand is not a scalar, the scalar read trips a CHECK. A CHECK failure in TensorFlow is not a catchable Python exception: it aborts the process, so everything hosted by that runtime terminates, whether a notebook kernel, a training job, or a model server together with every model it co-hosts. This is a reachable assertion (CWE-617); the effect is on availability only, with no memory corruption and no impact on confidentiality or integrity. Affected versions are everything before 2.7.2, 2.8.0 (fixed in 2.8.1) and 2.9.0 (fixed in 2.9.1). The fix, commit c65c67f88ad770662e8f191269a907bf2b94b1bf, validates the operand shapes before use and ships in TensorFlow 2.10.0 and the three backports. No exploitation in the wild has been reported and the project lists no workaround. Reaching the bug requires executing the op with a non-scalar operand. Those operands are inputs to the op inside the graph, not the model's data: in a deployment that serves a fixed graph in which they are constants, request payloads cannot reach the CHECK. The realistic exposure is loading graphs or SavedModels from untrusted sources, or exposing an API that lets callers construct or run arbitrary ops. No credentials are involved; what matters is who can get the op executed with operands they control.
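To make the failure mode concrete, the following Python guard is added here as an illustration; it is not TensorFlow's code and not the upstream fix. It performs on the Python side the rank check the vulnerable kernel omitted, so that bad operands raise a catchable `ValueError` instead of aborting the process on an unpatched build. `validate_sobol_inputs`, `sobol_sample_guarded` and `_is_scalar` are names chosen for this example, and the guard assumes your own code is the one constructing the op (it cannot help against a hostile SavedModel that already contains the op with non-scalar operands). TensorFlow is imported lazily so the validation logic can be exercised on a host without it.

```python
"""Python-side shape guard for tf.math.sobol_sample / tf.raw_ops.SobolSample.

Illustrative code added to this write-up, not TensorFlow's implementation or
its fix. On a vulnerable build the SobolSample kernel reads its three operands
(dim, num_results, skip) as scalars without checking their shape; a non-scalar
operand trips a CHECK, which aborts the whole process. The guard below rejects
such operands before the op is ever built.
"""
from __future__ import annotations

from typing import Any, Dict


def _is_scalar(value: Any) -> bool:
    """True for a plain int or a rank-0 array-like (numpy scalar, tf.Tensor).

    bools are rejected because the op expects integer counts. Objects that
    carry a `.shape` are scalar when that shape has rank 0; lists, tuples and
    anything of unknown rank are treated as not scalar.
    """
    if isinstance(value, bool):
        return False
    if isinstance(value, int):
        return True
    shape = getattr(value, "shape", None)
    if shape is None:
        return False
    if hasattr(shape, "rank"):            # tf.TensorShape: rank is None when unknown
        return shape.rank == 0
    return len(tuple(shape)) == 0         # numpy-style tuple shape


def validate_sobol_inputs(dim: Any, num_results: Any, skip: Any = 0) -> Dict[str, Any]:
    """Reject any operand the SobolSample kernel would not accept as a scalar.

    Returns the operands as a dict once they pass, so a caller can forward
    them unchanged. Raises ValueError naming the offending operand.
    """
    operands = {"dim": dim, "num_results": num_results, "skip": skip}
    for name, value in operands.items():
        if not _is_scalar(value):
            raise ValueError(
                f"{name} must be a scalar (rank 0), got {type(value).__name__} "
                f"with shape {getattr(value, 'shape', None)}"
            )
    return operands


def sobol_sample_guarded(dim: Any, num_results: Any, skip: Any = 0, dtype=None):
    """Call tf.math.sobol_sample only after the rank check has passed.

    Assumption: TensorFlow is installed at call time. The import is deferred so
    validate_sobol_inputs can be tested without it.
    """
    operands = validate_sobol_inputs(dim, num_results, skip)
    import tensorflow as tf  # deferred on purpose, see docstring

    kwargs = {"dtype": dtype} if dtype is not None else {}
    return tf.math.sobol_sample(
        operands["dim"], operands["num_results"], skip=operands["skip"], **kwargs
    )


if __name__ == "__main__":
    # Constructed inputs: a well-formed call and one that a vulnerable kernel
    # would have turned into a process abort.
    print(validate_sobol_inputs(3, 10, 0))
    try:
        validate_sobol_inputs([3, 4], 10, 0)
    except ValueError as exc:
        print("rejected:", exc)
```

The guard is a belt-and-braces measure for code you control; the fix that actually removes the bug is the TensorFlow upgrade, since a graph loaded from elsewhere never passes through this function.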
Potential Impact
For European organizations, the impact of CVE-2022-35935 is a denial of service against TensorFlow-based machine learning workloads. Because a CHECK failure aborts the process, a single crafted graph takes down the whole runtime that executed it: a shared training cluster node, a notebook server, or a model-serving process and every model it co-hosts. Organizations relying on TensorFlow for critical AI/ML applications, such as financial institutions using ML for fraud detection, healthcare providers using AI for diagnostics, or manufacturing firms employing predictive maintenance, may experience service interruptions if vulnerable versions are exploited, with the operational disruption, delayed decisions and financial loss that follow. Availability is the only property affected; confidentiality and integrity are not directly impacted, although repeated crashes can disrupt data pipelines and business continuity. The absence of known exploitation in the wild reduces immediate risk, but TensorFlow is widely deployed in Europe, so unpatched systems remain exposed. The organizations most exposed are those that execute graphs or SavedModels from third parties (model marketplaces, customer-supplied models, ML-as-a-service platforms) or that expose APIs through which callers can build or run arbitrary ops; a service that only feeds request data into a fixed, vetted graph is far less exposed. Given the increasing reliance on AI/ML in European digital transformation initiatives, the affected sectors include finance, healthcare, automotive and public sector services.
Mitigation Recommendations
To mitigate CVE-2022-35935, European organizations should:
1) Identify all TensorFlow deployments and verify the versions in use, including pinned wheels in container images and the TensorFlow bundled with serving products. Versions before 2.7.2, version 2.8.0 and version 2.9.0 are vulnerable.
2) Apply the official fix by upgrading to TensorFlow 2.10.0 or later, or to the patched maintenance releases 2.9.1, 2.8.1 or 2.7.2 as appropriate.
3) If immediate patching is not feasible, restrict access to TensorFlow model endpoints to trusted users and networks, and do not load graphs or SavedModels from untrusted sources: a model file is a program for the TensorFlow runtime, and this bug is reached through the graph, not through request data.
4) Where your own code constructs the op, validate at the application layer that the `dim`, `num_results` and `skip` operands of `tf.math.sobol_sample` are scalars (rank 0) before calling it. This turns a process abort into a handled error, but it does nothing for graphs that arrive already built.
5) Monitor TensorFlow service logs and process supervisors for fatal `Check failed:` lines and for unexplained restarts that may indicate attempted exploitation; because the failure is fatal, the log line is usually the last thing the process writes, so pair log monitoring with restart counting.
6) Incorporate TensorFlow version checks into vulnerability and patch management workflows to ensure timely updates.
7) For cloud-based TensorFlow services, confirm the patch status with the provider and apply mitigations on your side where the provider cannot.
8) Educate development and data science teams about the vulnerability so that vulnerable versions are not pinned into new production deployments.
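Two of the steps above, version triage (steps 1 and 6) and crash-log detection (step 5), are mechanical enough to script. The following Python is added here as an example and is not tooling from the TensorFlow project or this page's source. The affected ranges are the ones the advisory lists. The sample log lines are constructed for this example in the glog-style format TensorFlow uses (timestamp, severity letter, `file:line]`, message); the file, line number and surrounding messages are illustrative, not taken from a real incident. `parse_version`, `is_affected_version` and `find_check_failures` are names chosen for this example.

```python
"""Version triage and fatal-CHECK detection for CVE-2022-35935.

Illustrative code added to this write-up, not tooling from the TensorFlow
project. Ranges follow the advisory; the log sample is constructed.
"""
import re
from typing import Dict, Iterable, List, Tuple

# (inclusive lower bound, exclusive upper bound), per the advisory.
AFFECTED_RANGES: List[Tuple[Tuple[int, ...], Tuple[int, ...]]] = [
    ((0, 0, 0), (2, 7, 2)),   # everything before 2.7.2
    ((2, 8, 0), (2, 8, 1)),   # 2.8.0
    ((2, 9, 0), (2, 9, 1)),   # 2.9.0
]


def parse_version(ver: str) -> Tuple[int, ...]:
    """Turn '2.9.0', '2.10.0rc1' or '2.8.1+cpu' into a comparable 3-tuple.

    Only the leading dotted integers are used; pre-release and local tags are
    dropped, so an rc of a fixed release is treated as fixed. That is an
    assumption of this example; tighten it if your inventory tracks rc builds.
    """
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?", ver.strip())
    if not m:
        raise ValueError(f"unparseable TensorFlow version: {ver!r}")
    return tuple(int(x) for x in m.groups(default="0"))


def is_affected_version(ver: str) -> bool:
    """True when the version falls inside one of the advisory's ranges."""
    v = parse_version(ver)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


# Fatal glog-style line: "<timestamp>: F <file:line>] Check failed: <message>".
FATAL_CHECK = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d+): F "
    r"(?P<loc>[^\]]+)\] Check failed: (?P<msg>.*)$"
)


def find_check_failures(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Return timestamp, source location and message of every fatal CHECK line.

    Non-fatal severities (I, W, E) are ignored even if they mention "check".
    A CHECK failure aborts the process, so a hit is normally the last line the
    process wrote; correlate it with a restart of the same service.
    """
    hits = []
    for line in lines:
        m = FATAL_CHECK.match(line.rstrip("\n"))
        if m:
            hits.append(m.groupdict())
    return hits


# Constructed sample log (not from a real incident). Only the third line is
# the fatal CHECK that a non-scalar SobolSample operand would produce.
SAMPLE_LOG = """\
2022-08-01 09:15:02.118341: I tensorflow/core/platform/cpu_feature_guard.cc:193] This TensorFlow binary is optimized for the host CPU
2022-08-01 09:15:07.440912: W tensorflow/core/common_runtime/executor.cc:1197] check of input shapes deferred to kernel
2022-08-01 09:15:07.442003: F tensorflow/core/framework/tensor.cc:679] Check failed: 1 == NumElements() (1 vs. 3)Must have a one element tensor
"""


if __name__ == "__main__":
    for ver in ("2.6.2", "2.7.2", "2.8.0", "2.9.1", "2.10.0"):
        print(f"{ver}: {'AFFECTED' if is_affected_version(ver) else 'fixed'}")
    for hit in find_check_failures(SAMPLE_LOG.splitlines()):
        print(f"fatal CHECK at {hit['loc']} ({hit['ts']}): {hit['msg']}")
```

The detector is deliberately generic: any fatal CHECK in the runtime, not only this CVE, is worth an alert, because every one of them means a process abort. To attribute a hit to this bug you still need the graph or SavedModel that was executing, which is why step 3's control over where models come from matters more than the log line.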
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2022-07-15T00:00:00.000Z
- CISA Enriched: true
Threat ID: 682d9845c4522896dcbf3fd7
Added to database: 5/21/2025, 9:09:25 AM
Last enriched: 6/22/2025, 8:21:28 PM
Last updated: 8/15/2025, 7:58:02 AM