CVE-2022-21725: n/a in n/a
TensorFlow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure it is valid. The fix will be included in TensorFlow 2.8.0. We will also cherry-pick this commit onto TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in the supported range.
AI Analysis
Technical Summary
CVE-2022-21725 is a medium-severity vulnerability in TensorFlow, an open-source machine learning framework widely used to develop and deploy machine learning models. The flaw lies in the estimator function that calculates the cost of certain convolution operations: it does not validate that the stride argument is strictly positive, so a stride of zero causes a division by zero when the estimator runs. That division by zero crashes the process hosting the TensorFlow model, producing a denial of service (DoS) condition. The issue is classified under CWE-369 (Divide By Zero). Multiple TensorFlow release lines are affected; the fix is included in 2.8.0 and cherry-picked into 2.7.1, 2.6.3, and 2.5.3. The fix adds a validation check that rejects an invalid stride before the division is performed. The CVSS v3.1 base score is 6.5 (medium) with vector AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H: the vulnerability is exploitable over the network with low attack complexity, requires low privileges and no user interaction, and affects availability only, with no impact on confidentiality or integrity. No exploits are currently reported in the wild.
Potential Impact
For European organizations, the primary impact of this vulnerability is the potential for denial of service attacks on systems running vulnerable TensorFlow versions. Organizations using TensorFlow for machine learning workloads, especially in critical sectors such as finance, healthcare, manufacturing, and telecommunications, may experience service disruptions if an attacker exploits this flaw. Because TensorFlow is often integrated into production environments for AI-driven applications, successful exploitation could halt model training or inference processes, leading to operational downtime and potential financial losses. The vulnerability does not allow data leakage or unauthorized data modification, so the impact is limited to availability. Given the low privilege requirement, internal threat actors or compromised accounts could trigger the issue, which underlines the need for strict access controls. The absence of known exploits reduces immediate risk but does not eliminate the threat, since attackers may develop exploits over time.
Mitigation Recommendations
European organizations should prioritize updating TensorFlow installations to version 2.8.0 or later, or apply the relevant patches backported to versions 2.5.3, 2.6.3, and 2.7.1 as soon as they become available. Until patches are applied, organizations should implement strict input validation on any user-supplied or external data that influences convolution stride parameters to prevent invalid values. Additionally, monitoring and logging of TensorFlow application errors related to convolution operations can help detect exploitation attempts. Restricting access to TensorFlow services to trusted users and networks reduces the risk of exploitation by low-privilege attackers. Employing runtime protections such as containerization or sandboxing can limit the impact of crashes caused by this vulnerability. Finally, integrating vulnerability scanning into the CI/CD pipeline for machine learning models can ensure early detection of vulnerable TensorFlow versions.
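As an added illustration of the flaw described in the technical summary and of the input-validation mitigation above (a constructed example, not TensorFlow's own cost-estimator code): a simplified convolution output-size computation in its unchecked form beside a hardened form that rejects a non-positive stride before dividing. The struct names, the VALID-padding formula and the error-reporting style are assumptions made for this example.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>

// Constructed model of a convolution cost estimator; not TensorFlow's code.
// VALID-padding output size: floor((input - kernel) / stride) + 1, written
// as (input - kernel + stride) / stride.
struct ConvDim { int64_t input, kernel, stride; };
struct SizeResult { bool ok; int64_t value; std::string error; };

// Unchecked form, mirroring the bug class in the advisory: the divisor comes
// straight from the op's attributes, so stride == 0 raises SIGFPE and kills
// the process (the denial-of-service condition described above).
int64_t OutputSizeUnchecked(const ConvDim& d) {
  return (d.input - d.kernel + d.stride) / d.stride;
}

// Hardened form: validate before dividing and report an error instead of
// crashing, which is the shape of the fix the advisory describes.
SizeResult OutputSizeChecked(const ConvDim& d) {
  if (d.stride <= 0)
    return {false, 0, "stride must be strictly positive, got " + std::to_string(d.stride)};
  if (d.kernel <= 0 || d.input < d.kernel)
    return {false, 0, "kernel must be positive and no larger than the input"};
  return {true, (d.input - d.kernel + d.stride) / d.stride, ""};
}

// Multiply-accumulate estimate for a 2-D convolution, computed only after
// both spatial axes pass validation; an invalid axis propagates its error.
SizeResult EstimateConvMacs(const ConvDim& h, const ConvDim& w,
                            int64_t in_channels, int64_t out_channels) {
  SizeResult oh = OutputSizeChecked(h);
  if (!oh.ok) return oh;
  SizeResult ow = OutputSizeChecked(w);
  if (!ow.ok) return ow;
  return {true, oh.value * ow.value * h.kernel * w.kernel * in_channels * out_channels, ""};
}

int main() {
  // Constructed shapes: 7x7 input, 3x3 filter, stride 2; then a zero stride.
  SizeResult good = EstimateConvMacs({7, 3, 2}, {7, 3, 2}, 4, 8);
  SizeResult bad = EstimateConvMacs({7, 3, 0}, {7, 3, 2}, 4, 8);
  std::printf("valid: ok=%d macs=%lld\n", good.ok, (long long)good.value);
  std::printf("zero stride: ok=%d error=%s\n", bad.ok, bad.error.c_str());
  return 0;
}
```

The unchecked function is kept only to show where the divisor enters; calling it with a zero stride terminates the process, which is exactly why the checked form must run first.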
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2021-11-16T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Added to database: 5/21/2025, 9:08:46 AM
Last enriched: 7/6/2025, 11:25:42 PM
Last updated: 7/28/2025, 6:10:11 PM