CVE-2022-29203

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-29203
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-29203.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-29203
Aliases
Related
Published
2022-05-20T23:15:44Z
Modified
2025-09-19T16:29:59.824519Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.raw_ops.SpaceToBatchND (in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer overflow is used to allocate the output tensor, hence we get a denial of service via a CHECK-failure (assertion failure), as in TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

References

Affected packages

Git / github.com/tensorflow/tensorflow

Affected ranges

Type
GIT
Repo
https://github.com/tensorflow/tensorflow
Events

Affected versions

0.*

0.12.0-rc0
0.12.0-rc1
0.12.1
0.5.0
0.6.0

v0.*

v0.10.0
v0.10.0rc0
v0.11.0
v0.11.0rc0
v0.11.0rc1
v0.11.0rc2
v0.12.0
v0.7.0
v0.7.1
v0.8.0rc0
v0.9.0
v0.9.0rc0

v1.*

v1.0.0
v1.0.0-alpha
v1.0.0-rc0
v1.0.0-rc1
v1.0.0-rc2
v1.1.0
v1.1.0-rc0
v1.1.0-rc1
v1.1.0-rc2
v1.12.0
v1.12.0-rc0
v1.12.0-rc1
v1.12.0-rc2
v1.12.1
v1.2.0
v1.2.0-rc0
v1.2.0-rc1
v1.2.0-rc2
v1.3.0-rc0
v1.3.0-rc1
v1.5.0
v1.5.0-rc0
v1.5.0-rc1
v1.6.0
v1.6.0-rc0
v1.6.0-rc1
v1.7.0
v1.7.0-rc0
v1.7.0-rc1
v1.8.0
v1.8.0-rc0
v1.8.0-rc1
v1.9.0
v1.9.0-rc0
v1.9.0-rc1
v1.9.0-rc2

v2.*

v2.6.0
v2.6.0-rc0
v2.6.0-rc1
v2.6.0-rc2
v2.6.1
v2.6.2
v2.6.3
v2.7.0
v2.7.0-rc0
v2.7.0-rc1
v2.7.1
v2.8.0
v2.8.0-rc0
v2.8.0-rc1
v2.9.0-rc0
v2.9.0-rc1
v2.9.0-rc2

Database specific

{
    "vanir_signatures": [
        {
            "source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Line",
            "target": {
                "file": "tensorflow/core/kernels/spacetobatch_op.cc"
            },
            "digest": {
                "line_hashes": [
                    "17718085908520515107325851092809267098",
                    "100518190061585209743272272407313854375",
                    "219576023251389293359837702686207124426",
                    "84694306866138457362654534632095757784",
                    "51372332237449159011864489942835790588",
                    "274189993518247512168765481683543318053",
                    "195534684524187407523107047399496492982",
                    "112430630496530627995690967552695815665",
                    "33117649505453962199405658304646998908",
                    "106610045825724295510559805522878687420",
                    "125575692645271117381956794172362760799",
                    "273933688189289192062201521965133452768",
                    "150260384742925615266140781595949429103",
                    "284571824162753493148410510495409575183",
                    "331963711679278445960732951144560447117",
                    "218585203851727535600856806338065858775",
                    "150672828458825547610171688233933951646",
                    "118345193977764138620240676688526042316",
                    "80069495370107174864122275041983046009"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2022-29203-22c2eb8b"
        },
        {
            "source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Function",
            "target": {
                "file": "tensorflow/core/framework/shape_inference.cc",
                "function": "InferenceContext::Multiply"
            },
            "digest": {
                "function_hash": "244608232376349290355275370198825272882",
                "length": 673.0
            },
            "id": "CVE-2022-29203-4ccf78a3"
        },
        {
            "source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Function",
            "target": {
                "file": "tensorflow/compiler/tf2xla/kernels/spacetobatch_op.cc",
                "function": "SpaceToBatch"
            },
            "digest": {
                "function_hash": "11519380059127676155829356355540856491",
                "length": 2946.0
            },
            "id": "CVE-2022-29203-72788656"
        },
        {
            "source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Function",
            "target": {
                "file": "tensorflow/core/kernels/spacetobatch_op.cc",
                "function": "SpaceToBatchOpCompute"
            },
            "digest": {
                "function_hash": "311557338129562187630573912197409089867",
                "length": 3701.0
            },
            "id": "CVE-2022-29203-99d3fd22"
        },
        {
            "source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Line",
            "target": {
                "file": "tensorflow/compiler/tf2xla/kernels/spacetobatch_op.cc"
            },
            "digest": {
                "line_hashes": [
                    "180931306337023767081292087613466298962",
                    "50742862269200454104534819673739982137",
                    "118517565880425433876754403540691906058",
                    "202062702390424477015856265284857277273",
                    "248716087921289306879161593799308882201",
                    "152995802069657011399118940642630662232",
                    "129470876752129267078572594184059292075",
                    "24886298497828954109026485075299783837",
                    "237955875609890945008376412736518577137",
                    "292531565003349466933507066103911653471",
                    "160786535535478670681132414188677668449",
                    "9082738128263018614241009073271097751",
                    "62347839365166248092989209599749666136",
                    "2745340606011281618657879117146825926",
                    "323480060254551625087190847870356846202",
                    "54912044755040583884144205162831626854",
                    "7138437991244903286287711919486798518",
                    "28583145229833160004125826387923437348",
                    "208521765559288840760924969878955473012",
                    "76263909524580169897990506459677848762",
                    "205344369897553234786474683217369267816",
                    "156397671296120044247697265854916406925",
                    "284076562308781589796780044997315142642"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2022-29203-a82455f3"
        },
        {
            "source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Line",
            "target": {
                "file": "tensorflow/core/framework/shape_inference.cc"
            },
            "digest": {
                "line_hashes": [
                    "163200288079871937361632418310663185541",
                    "133096278431153779393909512307039290929",
                    "319767082537894838227723998957548553946",
                    "139785361767140929825706846173804984323",
                    "300551714494120540444413724295513711717",
                    "158348036416159102080705256765102653211",
                    "326821126047948735940996775343904925400",
                    "19029843005429777095249604076239156568"
                ],
                "threshold": 0.9
            },
            "id": "CVE-2022-29203-aa10613e"
        }
    ]
}