CVE-2022-21725: n/a in n/a

Medium
Tags: Vulnerability, CVE-2022-21725, cve, cve-2022-21725
Published: Thu Feb 03 2022 (02/03/2022, 12:21:02 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

TensorFlow is an Open Source Machine Learning Framework. The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure it is valid. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

AI-Powered Analysis

Last updated: 07/06/2025, 23:25:42 UTC

Technical Analysis

CVE-2022-21725 is a medium-severity vulnerability affecting TensorFlow, an open-source machine learning framework widely used for developing and deploying machine learning models. The vulnerability arises in the estimator function responsible for calculating the cost of certain convolution operations. Specifically, the function does not validate the stride argument to ensure it is strictly positive. This lack of validation can lead to a division by zero error during execution. The consequence of this division by zero is a failure in the function, which can cause a denial of service (DoS) condition by crashing the process running the TensorFlow model. The issue is classified under CWE-369 (Divide By Zero). The vulnerability affects multiple TensorFlow versions, including 2.5.3, 2.6.3, 2.7.1, and will be fixed in 2.8.0. The fix involves adding a validation check to ensure the stride argument is valid before performing the division operation. The CVSS v3.1 base score is 6.5, indicating a medium severity, with the vector AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. This means the vulnerability can be exploited remotely over the network with low attack complexity, requires low privileges, no user interaction, and impacts availability only, without compromising confidentiality or integrity. No known exploits are currently reported in the wild.

Potential Impact

For European organizations, the primary impact of this vulnerability is the potential for denial of service attacks on systems running vulnerable TensorFlow versions. Organizations using TensorFlow for machine learning workloads—especially those in critical sectors such as finance, healthcare, manufacturing, and telecommunications—may experience service disruptions if an attacker exploits this flaw. Since TensorFlow is often integrated into production environments for AI-driven applications, a successful exploitation could halt model training or inference processes, leading to operational downtime and potential financial losses. However, the vulnerability does not allow for data leakage or unauthorized data modification, limiting the impact to availability. Given the low privilege requirement, internal threat actors or compromised accounts could trigger the issue, emphasizing the need for strict access controls. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits over time.

Mitigation Recommendations

European organizations should prioritize updating TensorFlow installations to version 2.8.0 or later, or apply the relevant patches backported to versions 2.5.3, 2.6.3, and 2.7.1 as soon as they become available. Until patches are applied, organizations should implement strict input validation on any user-supplied or external data that influences convolution stride parameters to prevent invalid values. Additionally, monitoring and logging of TensorFlow application errors related to convolution operations can help detect exploitation attempts. Restricting access to TensorFlow services to trusted users and networks reduces the risk of exploitation by low-privilege attackers. Employing runtime protections such as containerization or sandboxing can limit the impact of crashes caused by this vulnerability. Finally, integrating vulnerability scanning into the CI/CD pipeline for machine learning models can ensure early detection of vulnerable TensorFlow versions.
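
The input-validation mitigation described above, as an added example (not TensorFlow's code and not the fix commit): it rejects non-positive strides before they reach the framework, and uses the textbook convolution output-size arithmetic as an assumed model of where the stride acts as a divisor. All function names and the sample configs are hypothetical.

```python
# Added illustration; every name here is hypothetical, none is a TensorFlow API.
from numbers import Integral


class InvalidStride(ValueError):
    """Stride value that must not reach the framework as a divisor."""


def validate_strides(strides, rank=2):
    """Return strides as a tuple of positive ints, or raise InvalidStride."""
    if isinstance(strides, Integral) and not isinstance(strides, bool):
        strides = (strides,) * rank
    if not isinstance(strides, (list, tuple)) or len(strides) != rank:
        raise InvalidStride(f"expected {rank} stride values, got {strides!r}")
    for s in strides:
        if isinstance(s, bool) or not isinstance(s, Integral):  # bool is an int subclass
            raise InvalidStride(f"stride must be an integer, got {s!r}")
        if s <= 0:  # the missing check: stride must be strictly positive
            raise InvalidStride(f"stride must be > 0, got {s}")
    return tuple(int(s) for s in strides)


def conv_output_size(input_size, filter_size, stride, padding="VALID"):
    """Textbook output-size arithmetic (assumed model); stride is the divisor."""
    (stride,) = validate_strides(stride, rank=1)
    if padding == "SAME":
        return (input_size + stride - 1) // stride
    if padding == "VALID":
        return (input_size - filter_size + stride) // stride
    raise ValueError(f"unknown padding {padding!r}")


def screen_layer_configs(configs):
    """Split layer configs into (accepted, [(name, reason), ...])."""
    accepted, rejected = [], []
    for cfg in configs:
        try:
            accepted.append({**cfg, "strides": validate_strides(cfg["strides"])})
        except (InvalidStride, KeyError) as exc:
            rejected.append((cfg.get("name", "<unnamed>"), str(exc)))
    return accepted, rejected


# Constructed sample input standing in for a user-submitted model spec.
SAMPLE_CONFIGS = [
    {"name": "conv1", "strides": [1, 1]},
    {"name": "conv2", "strides": [0, 1]},
    {"name": "conv3", "strides": [-2, 2]},
]
```

Logging the rejected names and reasons returned by `screen_layer_configs` also gives the error trail the monitoring recommendation asks for.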

Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2021-11-16T00:00:00.000Z
Cisa Enriched: true
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 682d981ec4522896dcbdbea6

Added to database: 5/21/2025, 9:08:46 AM

Last enriched: 7/6/2025, 11:25:42 PM

Last updated: 7/28/2025, 6:10:11 PM
