CVE-2022-21735: n/a in n/a
Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalMaxPool` can be made to crash a TensorFlow process via a division by 0. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
AI Analysis
Technical Summary
CVE-2022-21735 is a medium-severity vulnerability affecting the TensorFlow open-source machine learning framework. The issue arises in the implementation of the FractionalMaxPool operation, where a division by zero can be triggered, causing the TensorFlow process to crash. This vulnerability is classified under CWE-369 (Divide By Zero). The flaw does not lead to confidentiality or integrity compromise but results in a denial of service (DoS) condition by crashing the process, impacting availability. The vulnerability affects multiple supported TensorFlow release lines; the fix ships in 2.8.0 and is backported to 2.7.1, 2.6.3, and 2.5.3. Exploitation is possible over the network with low attack complexity, requires only low privileges (PR:L), and needs no user interaction. There are no known exploits in the wild as of the published date. The CVSS v3.1 score is 6.5, reflecting a medium severity due to the impact on availability and the ease of exploitation. The vulnerability is relevant to any organization using affected TensorFlow versions, especially those running machine learning workloads that use FractionalMaxPool, a pooling operation variant used in neural networks to reduce spatial dimensions. An attacker could cause denial of service by sending crafted inputs that trigger the division by zero, crashing the TensorFlow process and potentially disrupting machine learning services or pipelines.
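As an added illustration (not code from the advisory or from TensorFlow itself), a pre-flight validator for FractionalMaxPool arguments of the kind the mitigation section recommends placing in front of the op. It assumes the op's documented contract (a rank-4 NHWC input, one pooling ratio per dimension, batch and channel ratios of 1.0, every ratio at least 1.0, output dimensions computed as floor(input_dim / ratio)) and, as an assumption, that shapes the ratio would collapse to an empty output are among the malformed inputs worth refusing before the op runs.

```python
import math
from typing import Sequence, Tuple


def fractional_max_pool_output_dims(
    input_shape: Sequence[int], pooling_ratio: Sequence[float]
) -> Tuple[int, ...]:
    """Validate FractionalMaxPool arguments and return the expected output shape.

    Assumption: the op's documented contract (rank-4 NHWC input, four ratios,
    batch and channel ratio fixed at 1.0, all ratios >= 1.0). Any dimension
    that would come out empty is rejected; degenerate pooling geometry is
    the kind of malformed input a guard in front of the op should refuse.
    """
    if len(input_shape) != 4:
        raise ValueError(f"expected rank-4 NHWC input, got rank {len(input_shape)}")
    if len(pooling_ratio) != 4:
        raise ValueError(f"pooling_ratio must have 4 entries, got {len(pooling_ratio)}")
    if any(d <= 0 for d in input_shape):
        raise ValueError(f"all input dimensions must be positive, got {tuple(input_shape)}")
    if pooling_ratio[0] != 1.0 or pooling_ratio[3] != 1.0:
        raise ValueError("pooling_ratio for batch and channel dimensions must be 1.0")
    if any((not math.isfinite(r)) or r < 1.0 for r in pooling_ratio):
        raise ValueError(f"pooling ratios must be finite and >= 1.0, got {tuple(pooling_ratio)}")

    # Output size per dimension: floor(input_dim / ratio).
    output = tuple(math.floor(d / r) for d, r in zip(input_shape, pooling_ratio))
    if any(o <= 0 for o in output):
        raise ValueError(
            f"pooling_ratio {tuple(pooling_ratio)} collapses input {tuple(input_shape)} "
            f"to an empty output {output}; refusing to run the op"
        )
    return output


def is_safe_fractional_max_pool_input(
    input_shape: Sequence[int], pooling_ratio: Sequence[float]
) -> bool:
    """Boolean wrapper for use at a service boundary: True only if the arguments pass."""
    try:
        fractional_max_pool_output_dims(input_shape, pooling_ratio)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample: a 32x32 RGB image pooled by 1.5 in height and width.
    print(fractional_max_pool_output_dims((1, 32, 32, 3), (1.0, 1.5, 1.5, 1.0)))
    # Constructed sample: a ratio larger than the spatial extent is refused.
    print(is_safe_fractional_max_pool_input((1, 4, 4, 3), (1.0, 5.0, 5.0, 1.0)))
```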
Potential Impact
For European organizations, the impact of CVE-2022-21735 primarily concerns availability disruptions in machine learning services relying on vulnerable TensorFlow versions. Industries such as finance, healthcare, automotive, and research institutions that deploy TensorFlow for AI workloads could experience service interruptions, leading to operational delays or degraded service quality. In critical sectors like healthcare diagnostics or autonomous vehicle systems, such disruptions could have safety or compliance implications. While the vulnerability does not expose data or allow unauthorized code execution, the denial of service could be exploited to cause downtime or interrupt AI-driven decision-making processes. Organizations with automated pipelines or real-time AI inference systems are particularly at risk of operational impact. Given the increasing adoption of AI and machine learning in Europe, the vulnerability could affect a broad range of enterprises and public sector entities that depend on TensorFlow for their AI infrastructure.
Mitigation Recommendations
European organizations should promptly update TensorFlow to version 2.8.0 or apply the relevant patches backported to versions 2.5.3, 2.6.3, or 2.7.1. Where immediate patching is not feasible, organizations should implement input validation and sanitization to prevent malformed inputs that could trigger the division by zero in FractionalMaxPool. Monitoring TensorFlow process stability and setting up automated restarts or failover mechanisms can reduce downtime impact. Restricting access to TensorFlow services to trusted networks and authenticated users can limit exposure to potential attackers. Additionally, organizations should audit their machine learning pipelines to identify usage of FractionalMaxPool and assess risk exposure. Incorporating runtime protections such as container isolation and resource limits can mitigate the impact of crashes. Finally, maintaining an inventory of AI/ML frameworks and their versions will help ensure timely vulnerability management.
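The inventory check recommended above, as an added example that is not part of the advisory: it scans pip-style requirement pins and flags TensorFlow versions older than the fixed releases the advisory names (2.5.3, 2.6.3, 2.7.1 and 2.8.0). Assumptions: pins use the `name==version` form, the distribution is named `tensorflow`, `tensorflow-cpu` or `tensorflow-gpu`, and release lines older than 2.5, which the advisory does not list as receiving a backport, plus any pin that is not a plain `x.y.z` release, are treated conservatively as unpatched.

```python
import re
from typing import Dict, List, Tuple

# Fixed releases named in the advisory: the backports per release line, and the
# first line that is clean from its .0 release onwards.
FIXED_VERSIONS = {(2, 5): (2, 5, 3), (2, 6): (2, 6, 3), (2, 7): (2, 7, 1)}
FIRST_CLEAN_MINOR = (2, 8)

_PIN_RE = re.compile(r"^\s*(tensorflow(?:-cpu|-gpu)?)\s*==\s*(\S+)", re.IGNORECASE)


def parse_version(version: str) -> Tuple[int, int, int]:
    """Accept only plain x.y.z releases; pre-releases and ranges raise ValueError."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"not a plain release version: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return major, minor, patch


def is_vulnerable_tensorflow(version: str) -> bool:
    """True if the pinned TensorFlow release predates the fix for CVE-2022-21735."""
    major, minor, patch = parse_version(version)
    if (major, minor) >= FIRST_CLEAN_MINOR:
        return False
    fixed = FIXED_VERSIONS.get((major, minor))
    if fixed is None:
        # Assumption: lines older than 2.5 received no backport, so treat as unpatched.
        return True
    return (major, minor, patch) < fixed


def scan_requirements(lines: List[str]) -> Dict[str, bool]:
    """Map each TensorFlow pin found to whether it is vulnerable."""
    results: Dict[str, bool] = {}
    for line in lines:
        m = _PIN_RE.match(line)
        if not m:
            continue
        name, version = m.group(1).lower(), m.group(2)
        try:
            results[f"{name}=={version}"] = is_vulnerable_tensorflow(version)
        except ValueError:
            results[f"{name}=={version}"] = True  # unparseable pin: flag for review
    return results


# Constructed sample requirements file for demonstration.
SAMPLE_REQUIREMENTS = [
    "numpy==1.21.4",
    "tensorflow==2.7.0",
    "tensorflow-gpu==2.5.3",
    "tensorflow==2.8.0",
    "tensorflow-cpu==2.4.4",
]

if __name__ == "__main__":
    for pin, vulnerable in scan_requirements(SAMPLE_REQUIREMENTS).items():
        print(f"{pin}: {'VULNERABLE' if vulnerable else 'fixed'}")
```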
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain, Belgium, Switzerland
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2021-11-16T00:00:00.000Z
- CISA Enriched: true
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682d981ec4522896dcbdbef0
Added to database: 5/21/2025, 9:08:46 AM
Last enriched: 7/6/2025, 11:26:53 PM
Last updated: 2/8/2026, 11:30:36 AM