CVE-2022-29203
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-29203
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-29203.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-29203
- Aliases
- Related
- Published
- 2022-05-20T23:15:44Z
- Modified
- 2025-09-19T16:29:59.824519Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of
tf.raw_ops.SpaceToBatchND(in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer overflow is used to allocate the output tensor, hence we get a denial of service via aCHECK-failure (assertion failure), as in TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. - References
-
- https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
- https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf
- https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
- https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
- https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
- https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jjm6-4vf7-cjh4
Affected packages
Git / github.com/tensorflow/tensorflow
Affected ranges
- Type
- GIT
- Repo
- https://github.com/tensorflow/tensorflow
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixedFixedFixedFixed
Affected versions
0.*
0.12.0-rc0
0.12.0-rc1
0.12.1
0.5.0
0.6.0
v0.*
v0.10.0
v0.10.0rc0
v0.11.0
v0.11.0rc0
v0.11.0rc1
v0.11.0rc2
v0.12.0
v0.7.0
v0.7.1
v0.8.0rc0
v0.9.0
v0.9.0rc0
v1.*
v1.0.0
v1.0.0-alpha
v1.0.0-rc0
v1.0.0-rc1
v1.0.0-rc2
v1.1.0
v1.1.0-rc0
v1.1.0-rc1
v1.1.0-rc2
v1.12.0
v1.12.0-rc0
v1.12.0-rc1
v1.12.0-rc2
v1.12.1
v1.2.0
v1.2.0-rc0
v1.2.0-rc1
v1.2.0-rc2
v1.3.0-rc0
v1.3.0-rc1
v1.5.0
v1.5.0-rc0
v1.5.0-rc1
v1.6.0
v1.6.0-rc0
v1.6.0-rc1
v1.7.0
v1.7.0-rc0
v1.7.0-rc1
v1.8.0
v1.8.0-rc0
v1.8.0-rc1
v1.9.0
v1.9.0-rc0
v1.9.0-rc1
v1.9.0-rc2
v2.*
v2.6.0
v2.6.0-rc0
v2.6.0-rc1
v2.6.0-rc2
v2.6.1
v2.6.2
v2.6.3
v2.7.0
v2.7.0-rc0
v2.7.0-rc1
v2.7.1
v2.8.0
v2.8.0-rc0
v2.8.0-rc1
v2.9.0-rc0
v2.9.0-rc1
v2.9.0-rc2
Database specific
{
"vanir_signatures": [
{
"source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"target": {
"file": "tensorflow/core/kernels/spacetobatch_op.cc"
},
"digest": {
"line_hashes": [
"17718085908520515107325851092809267098",
"100518190061585209743272272407313854375",
"219576023251389293359837702686207124426",
"84694306866138457362654534632095757784",
"51372332237449159011864489942835790588",
"274189993518247512168765481683543318053",
"195534684524187407523107047399496492982",
"112430630496530627995690967552695815665",
"33117649505453962199405658304646998908",
"106610045825724295510559805522878687420",
"125575692645271117381956794172362760799",
"273933688189289192062201521965133452768",
"150260384742925615266140781595949429103",
"284571824162753493148410510495409575183",
"331963711679278445960732951144560447117",
"218585203851727535600856806338065858775",
"150672828458825547610171688233933951646",
"118345193977764138620240676688526042316",
"80069495370107174864122275041983046009"
],
"threshold": 0.9
},
"id": "CVE-2022-29203-22c2eb8b"
},
{
"source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"target": {
"file": "tensorflow/core/framework/shape_inference.cc",
"function": "InferenceContext::Multiply"
},
"digest": {
"function_hash": "244608232376349290355275370198825272882",
"length": 673.0
},
"id": "CVE-2022-29203-4ccf78a3"
},
{
"source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"target": {
"file": "tensorflow/compiler/tf2xla/kernels/spacetobatch_op.cc",
"function": "SpaceToBatch"
},
"digest": {
"function_hash": "11519380059127676155829356355540856491",
"length": 2946.0
},
"id": "CVE-2022-29203-72788656"
},
{
"source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"target": {
"file": "tensorflow/core/kernels/spacetobatch_op.cc",
"function": "SpaceToBatchOpCompute"
},
"digest": {
"function_hash": "311557338129562187630573912197409089867",
"length": 3701.0
},
"id": "CVE-2022-29203-99d3fd22"
},
{
"source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"target": {
"file": "tensorflow/compiler/tf2xla/kernels/spacetobatch_op.cc"
},
"digest": {
"line_hashes": [
"180931306337023767081292087613466298962",
"50742862269200454104534819673739982137",
"118517565880425433876754403540691906058",
"202062702390424477015856265284857277273",
"248716087921289306879161593799308882201",
"152995802069657011399118940642630662232",
"129470876752129267078572594184059292075",
"24886298497828954109026485075299783837",
"237955875609890945008376412736518577137",
"292531565003349466933507066103911653471",
"160786535535478670681132414188677668449",
"9082738128263018614241009073271097751",
"62347839365166248092989209599749666136",
"2745340606011281618657879117146825926",
"323480060254551625087190847870356846202",
"54912044755040583884144205162831626854",
"7138437991244903286287711919486798518",
"28583145229833160004125826387923437348",
"208521765559288840760924969878955473012",
"76263909524580169897990506459677848762",
"205344369897553234786474683217369267816",
"156397671296120044247697265854916406925",
"284076562308781589796780044997315142642"
],
"threshold": 0.9
},
"id": "CVE-2022-29203-a82455f3"
},
{
"source": "https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"target": {
"file": "tensorflow/core/framework/shape_inference.cc"
},
"digest": {
"line_hashes": [
"163200288079871937361632418310663185541",
"133096278431153779393909512307039290929",
"319767082537894838227723998957548553946",
"139785361767140929825706846173804984323",
"300551714494120540444413724295513711717",
"158348036416159102080705256765102653211",
"326821126047948735940996775343904925400",
"19029843005429777095249604076239156568"
],
"threshold": 0.9
},
"id": "CVE-2022-29203-aa10613e"
}
]
}