Vulnerability-Lookup

CVE-2022-29204 (GCVE-0-2022-29204)

Vulnerability from cvelistv5 – Published: 2022-05-20 22:40 – Updated: 2025-04-22 17:58

Title

Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`

Summary

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-191 - Integer Underflow (Wrap or Wraparound)
CWE-20 - Improper Input Validation

Assigner

GitHub_M

References

URL

Tags

	https://github.com/tensorflow/tensorflow/blob/mas…	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/releases…	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/releases…	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/releases…	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/releases…	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/security…	x_refsource_CONFIRM
	https://github.com/tensorflow/tensorflow/commit/2…	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/commit/8…	x_refsource_MISC
	https://github.com/tensorflow/tensorflow/blob/f3b…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	tensorflow	tensorflow	Affected: < 2.6.4 Affected: >= 2.7.0rc0, < 2.7.2 Affected: >= 2.8.0rc0, < 2.8.1 Affected: >= 2.9.0rc0, < 2.9.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:17:54.286Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-29204",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-22T15:46:46.088493Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-22T17:58:11.932Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tensorflow",
          "vendor": "tensorflow",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.6.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.7.0rc0, \u003c 2.7.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.8.0rc0, \u003c 2.8.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.9.0rc0, \u003c 2.9.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-191",
              "description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-20T22:40:13.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14"
        }
      ],
      "source": {
        "advisory": "GHSA-hx9q-2mx4-m4pg",
        "discovery": "UNKNOWN"
      },
      "title": "Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-29204",
          "STATE": "PUBLIC",
          "TITLE": "Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "tensorflow",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 2.6.4"
                          },
                          {
                            "version_value": "\u003e= 2.7.0rc0, \u003c 2.7.2"
                          },
                          {
                            "version_value": "\u003e= 2.8.0rc0, \u003c 2.8.1"
                          },
                          {
                            "version_value": "\u003e= 2.9.0rc0, \u003c 2.9.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "tensorflow"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-191: Integer Underflow (Wrap or Wraparound)"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20: Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg",
              "refsource": "CONFIRM",
              "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14",
              "refsource": "MISC",
              "url": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-hx9q-2mx4-m4pg",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-29204",
    "datePublished": "2022-05-20T22:40:13.000Z",
    "dateReserved": "2022-04-13T00:00:00.000Z",
    "dateUpdated": "2025-04-22T17:58:11.932Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.4\", \"matchCriteriaId\": \"D9359D32-D090-44CF-AC43-2046084A28BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.7.0\", \"versionEndExcluding\": \"2.7.2\", \"matchCriteriaId\": \"C4DFBF2D-5283-42F6-8800-D653BFA5CE82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:tensorflow:2.7.0:rc0:*:*:*:*:*:*\", \"matchCriteriaId\": \"A58EDA5C-66D6-46F1-962E-60AFB7C784A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:tensorflow:2.7.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"89522760-C2DF-400D-9624-626D8F160CBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:tensorflow:2.8.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9EA1898-ACAA-4699-8BAE-54D62C1819FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:tensorflow:2.8.0:rc0:*:*:*:*:*:*\", \"matchCriteriaId\": \"130DE3C9-6842-456F-A259-BF8FF8457217\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:tensorflow:2.8.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBF2FCEF-989C-409D-9F4C-81418C65B972\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:tensorflow:2.9.0:rc0:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CFB1CFC-579D-4647-A472-6DE8BE1951DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:tensorflow:2.9.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3F3F37E-D27F-4060-830C-0AFF16150777\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.\"}, {\"lang\": \"es\", \"value\": \"TensorFlow es una plataforma de c\\u00f3digo abierto para el aprendizaje autom\\u00e1tico. En versiones anteriores a 2.9.0, 2.8.1, 2.7.2 y 2.6.4, la implementaci\\u00f3n de \\\"tf.raw_ops.UnsortedSegmentJoin\\\" no comprobaba completamente los argumentos de entrada. Esto resulta en un fallo de \\\"CHECK\\\" que puede usarse para desencadenar un ataque de denegaci\\u00f3n de servicio. El c\\u00f3digo asume que \\\"num_segments\\\" es un escalar positivo, pero no lo comprueba. Dado que este valor es usado para asignar el tensor de salida, un valor negativo resulta en un fallo de \\\"CHECK\\\" (fallo de aserci\\u00f3n), seg\\u00fan TFSA-2021-198. Las versiones 2.9.0, 2.8.1, 2.7.2 y 2.6.4 contienen un parche para este problema\"}]",
      "id": "CVE-2022-29204",
      "lastModified": "2024-11-21T06:58:42.563",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-05-20T23:15:44.610",
      "references": "[{\"url\": \"https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}, {\"lang\": \"en\", \"value\": \"CWE-191\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-29204\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2022-05-20T23:15:44.610\",\"lastModified\":\"2025-06-25T21:00:03.170\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.\"},{\"lang\":\"es\",\"value\":\"TensorFlow es una plataforma de c\u00f3digo abierto para el aprendizaje autom\u00e1tico. En versiones anteriores a 2.9.0, 2.8.1, 2.7.2 y 2.6.4, la implementaci\u00f3n de \\\"tf.raw_ops.UnsortedSegmentJoin\\\" no comprobaba completamente los argumentos de entrada. Esto resulta en un fallo de \\\"CHECK\\\" que puede usarse para desencadenar un ataque de denegaci\u00f3n de servicio. El c\u00f3digo asume que \\\"num_segments\\\" es un escalar positivo, pero no lo comprueba. Dado que este valor es usado para asignar el tensor de salida, un valor negativo resulta en un fallo de \\\"CHECK\\\" (fallo de aserci\u00f3n), seg\u00fan TFSA-2021-198. Las versiones 2.9.0, 2.8.1, 2.7.2 y 2.6.4 contienen un parche para este problema\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"CWE-191\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.15.0\",\"versionEndExcluding\":\"2.6.4\",\"matchCriteriaId\":\"CE10B125-2FB7-49F7-98A3-6358C25372FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.7.0\",\"versionEndExcluding\":\"2.7.2\",\"matchCriteriaId\":\"C4DFBF2D-5283-42F6-8800-D653BFA5CE82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:tensorflow:2.7.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58EDA5C-66D6-46F1-962E-60AFB7C784A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:tensorflow:2.7.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"89522760-C2DF-400D-9624-626D8F160CBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:tensorflow:2.8.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9EA1898-ACAA-4699-8BAE-54D62C1819FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:tensorflow:2.8.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"130DE3C9-6842-456F-A259-BF8FF8457217\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:tensorflow:2.8.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBF2FCEF-989C-409D-9F4C-81418C65B972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:tensorflow:2.9.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CFB1CFC-579D-4647-A472-6DE8BE1951DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:tensorflow:2.9.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3F3F37E-D27F-4060-830C-0AFF16150777\"}]}]}],\"references\":[{\"url\":\"https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T06:17:54.286Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-29204\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-22T15:46:46.088493Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-22T15:46:47.922Z\"}}], \"cna\": {\"title\": \"Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`\", \"source\": {\"advisory\": \"GHSA-hx9q-2mx4-m4pg\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"tensorflow\", \"product\": \"tensorflow\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 2.6.4\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.7.0rc0, \u003c 2.7.2\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.8.0rc0, \u003c 2.8.1\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.9.0rc0, \u003c 2.9.0\"}]}], \"references\": [{\"url\": \"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-191\", \"description\": \"CWE-191: Integer Underflow (Wrap or Wraparound)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20: Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2022-05-20T22:40:13.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, \"source\": {\"advisory\": \"GHSA-hx9q-2mx4-m4pg\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"\u003c 2.6.4\"}, {\"version_value\": \"\u003e= 2.7.0rc0, \u003c 2.7.2\"}, {\"version_value\": \"\u003e= 2.8.0rc0, \u003c 2.8.1\"}, {\"version_value\": \"\u003e= 2.9.0rc0, \u003c 2.9.0\"}]}, \"product_name\": \"tensorflow\"}]}, \"vendor_name\": \"tensorflow\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md\", \"name\": \"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4\", \"name\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2\", \"name\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1\", \"name\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0\", \"name\": \"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg\", \"name\": \"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147\", \"name\": \"https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943\", \"name\": \"https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14\", \"name\": \"https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-191: Integer Underflow (Wrap or Wraparound)\"}]}, {\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20: Improper Input Validation\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-29204\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`\", \"ASSIGNER\": \"security-advisories@github.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-29204\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-22T17:58:11.932Z\", \"dateReserved\": \"2022-04-13T00:00:00.000Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2022-05-20T22:40:13.000Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-HX9Q-2MX4-M4PG

Vulnerability from github – Published: 2022-05-24 22:12 – Updated: 2022-05-24 22:12

Summary

Missing validation causes denial of service via `Conv3DBackpropFilterV2`

Details

Impact

The implementation of tf.raw_ops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:

import tensorflow as tf

tf.strings.unsorted_segment_join(
  inputs=['123'],
  segment_ids=[0],
  num_segments=-1)

The code assumes num_segments is a positive scalar but there is no validation:

const Tensor& num_segments_tensor = context->input(2);
auto num_segments = num_segments_tensor.scalar<NUM_SEGMENTS_TYPE>()();
// ...
Tensor* output_tensor = nullptr;
TensorShape output_shape =
    GetOutputShape(input_shape, segment_id_shape, num_segments);

Since this value is used to allocate the output tensor, a negative value would result in a CHECK-failure (assertion failure), as per TFSA-2021-198.

Patches

We have patched the issue in GitHub commit 84563f265f28b3c36a15335c8b005d405260e943 and GitHub commit 20cb18724b0bf6c09071a3f53434c4eec53cc147.

The fix will be included in TensorFlow 2.9.0. We will also cherrypick this commit on TensorFlow 2.8.1, TensorFlow 2.7.2, and TensorFlow 2.6.4, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported externally via a GitHub issue.

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.6.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.8.0"
            },
            {
              "fixed": "2.8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.6.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.8.0"
            },
            {
              "fixed": "2.8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.6.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.8.0"
            },
            {
              "fixed": "2.8.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-29204"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-191",
      "CWE-20"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-05-24T22:12:26Z",
    "nvd_published_at": "2022-05-20T23:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThe implementation of [`tf.raw_ops.UnsortedSegmentJoin`](https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L148) does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack:\n\n```python\nimport tensorflow as tf\n\ntf.strings.unsorted_segment_join(\n  inputs=[\u0027123\u0027],\n  segment_ids=[0],\n  num_segments=-1)\n```\n\nThe code assumes `num_segments` is a positive scalar but there is no validation:\n\n```cc\nconst Tensor\u0026 num_segments_tensor = context-\u003einput(2);\nauto num_segments = num_segments_tensor.scalar\u003cNUM_SEGMENTS_TYPE\u003e()();\n// ...\nTensor* output_tensor = nullptr;\nTensorShape output_shape =\n    GetOutputShape(input_shape, segment_id_shape, num_segments);\n```\n\nSince this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per [TFSA-2021-198](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md).\n\n### Patches \nWe have patched the issue in GitHub commit [84563f265f28b3c36a15335c8b005d405260e943](https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943) and GitHub commit [20cb18724b0bf6c09071a3f53434c4eec53cc147](https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147).\n  \nThe fix will be included in TensorFlow 2.9.0. We will also cherrypick this commit on TensorFlow 2.8.1, TensorFlow 2.7.2, and TensorFlow 2.6.4, as these are also affected and still in supported range.\n      \n### For more information \nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n                       \n### Attribution \nThis vulnerability has been reported externally via a [GitHub issue](https://github.com/tensorflow/tensorflow/issues/55305).",
  "id": "GHSA-hx9q-2mx4-m4pg",
  "modified": "2022-05-24T22:12:26Z",
  "published": "2022-05-24T22:12:26Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29204"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tensorflow/tensorflow"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Missing validation causes denial of service via `Conv3DBackpropFilterV2`"
}

bit-tensorflow-2022-29204

Vulnerability from bitnami_vulndb

Published

2024-03-06 11:14

Modified

2026-01-26 15:09

Summary

Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`

Details

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.raw_ops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. The code assumes num_segments is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a CHECK-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Bitnami",
        "name": "tensorflow",
        "purl": "pkg:bitnami/tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.15.0"
            },
            {
              "fixed": "2.6.4"
            },
            {
              "introduced": "2.7.0"
            },
            {
              "fixed": "2.7.2"
            },
            {
              "introduced": "2.8.0"
            },
            {
              "fixed": "2.8.1"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "type": "CVSS_V3"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-29204"
  ],
  "database_specific": {
    "cpes": [
      "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
  },
  "details": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.",
  "id": "BIT-tensorflow-2022-29204",
  "modified": "2026-01-26T15:09:56.435Z",
  "published": "2024-03-06T11:14:25.120Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29204"
    }
  ],
  "schema_version": "1.5.0",
  "summary": "Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`"
}

CNVD-2022-44170

Vulnerability from cnvd - Published: 2022-06-09

Title

Google TensorFlow拒绝服务漏洞（CNVD-2022-44170）

Description

Google TensorFlow是美国谷歌（Google）公司的一套用于机器学习的端到端开源平台。 Google TensorFlow 2.9.0之前版本、2.8.1之前版本、2.7.2之前版本和2.6.4之前版本存在安全漏洞，该漏洞源于tf.raw_ops.UnsortedSegmentJoin 对于输入的参数存在不完全验证。攻击者利用该漏洞可以触发断言失败实现拒绝服务攻击。

Severity

低

Patch Name

Google TensorFlow拒绝服务漏洞（CNVD-2022-44170）的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg

Reference

https://nvd.nist.gov/vuln/detail/CVE-2022-29204

Impacted products

Name
['Google TensorFlow <2.9.0', 'Google TensorFlow <2.8.1', 'Google TensorFlow <2.7.2', 'Google TensorFlow <2.6.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-29204"
    }
  },
  "description": "Google TensorFlow\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u673a\u5668\u5b66\u4e60\u7684\u7aef\u5230\u7aef\u5f00\u6e90\u5e73\u53f0\u3002\n\nGoogle TensorFlow 2.9.0\u4e4b\u524d\u7248\u672c\u30012.8.1\u4e4b\u524d\u7248\u672c\u30012.7.2\u4e4b\u524d\u7248\u672c\u548c2.6.4\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8etf.raw_ops.UnsortedSegmentJoin \u5bf9\u4e8e\u8f93\u5165\u7684\u53c2\u6570\u5b58\u5728\u4e0d\u5b8c\u5168\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u89e6\u53d1\u65ad\u8a00\u5931\u8d25\u5b9e\u73b0\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-44170",
  "openTime": "2022-06-09",
  "patchDescription": "Google TensorFlow\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u673a\u5668\u5b66\u4e60\u7684\u7aef\u5230\u7aef\u5f00\u6e90\u5e73\u53f0\u3002\r\n\r\nGoogle TensorFlow 2.9.0\u4e4b\u524d\u7248\u672c\u30012.8.1\u4e4b\u524d\u7248\u672c\u30012.7.2\u4e4b\u524d\u7248\u672c\u548c2.6.4\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8etf.raw_ops.UnsortedSegmentJoin \u5bf9\u4e8e\u8f93\u5165\u7684\u53c2\u6570\u5b58\u5728\u4e0d\u5b8c\u5168\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u4ee5\u89e6\u53d1\u65ad\u8a00\u5931\u8d25\u5b9e\u73b0\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google TensorFlow\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2022-44170\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Google TensorFlow \u003c2.9.0",
      "Google TensorFlow \u003c2.8.1",
      "Google TensorFlow \u003c2.7.2",
      "Google TensorFlow \u003c2.6.4"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2022-29204",
  "serverity": "\u4f4e",
  "submitTime": "2022-05-24",
  "title": "Google TensorFlow\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2022-44170\uff09"
}

GSD-2022-29204

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-29204

Aliases

CVE-2022-29204

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-29204",
    "description": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.",
    "id": "GSD-2022-29204",
    "references": [
      "https://www.suse.com/security/cve/CVE-2022-29204.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-29204"
      ],
      "details": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.",
      "id": "GSD-2022-29204",
      "modified": "2023-12-13T01:19:41.648761Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2022-29204",
        "STATE": "PUBLIC",
        "TITLE": "Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "tensorflow",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 2.6.4"
                        },
                        {
                          "version_value": "\u003e= 2.7.0rc0, \u003c 2.7.2"
                        },
                        {
                          "version_value": "\u003e= 2.8.0rc0, \u003c 2.8.1"
                        },
                        {
                          "version_value": "\u003e= 2.9.0rc0, \u003c 2.9.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "tensorflow"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-191: Integer Underflow (Wrap or Wraparound)"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20: Improper Input Validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg",
            "refsource": "CONFIRM",
            "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943"
          },
          {
            "name": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14",
            "refsource": "MISC",
            "url": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-hx9q-2mx4-m4pg",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c2.6.4||\u003e=2.7.0,\u003c2.7.2||\u003e=2.8.0,\u003c2.8.1",
          "affected_versions": "All versions before 2.6.4, all versions starting from 2.7.0 before 2.7.2, all versions starting from 2.8.0 before 2.8.1",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2022-05-24",
          "description": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.",
          "fixed_versions": [
            "2.6.4",
            "2.7.2",
            "2.8.1"
          ],
          "identifier": "CVE-2022-29204",
          "identifiers": [
            "GHSA-hx9q-2mx4-m4pg",
            "CVE-2022-29204"
          ],
          "not_impacted": "All versions starting from 2.6.4 before 2.7.0, all versions starting from 2.7.2 before 2.8.0, all versions starting from 2.8.1",
          "package_slug": "pypi/tensorflow-cpu",
          "pubdate": "2022-05-24",
          "solution": "Upgrade to versions 2.6.4, 2.7.2, 2.8.1 or above.",
          "title": "Missing validation causes denial of service via `Conv3DBackpropFilterV2`",
          "urls": [
            "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg",
            "https://nvd.nist.gov/vuln/detail/CVE-2022-29204",
            "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147",
            "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943",
            "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14",
            "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0",
            "https://github.com/advisories/GHSA-hx9q-2mx4-m4pg"
          ],
          "uuid": "e9b5e823-731f-4959-a9ca-a8133cca5593"
        },
        {
          "affected_range": "\u003c2.6.4||\u003e=2.7.0,\u003c2.7.2||\u003e=2.8.0,\u003c2.8.1",
          "affected_versions": "All versions before 2.6.4, all versions starting from 2.7.0 before 2.7.2, all versions starting from 2.8.0 before 2.8.1",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2022-05-24",
          "description": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.",
          "fixed_versions": [
            "2.6.4",
            "2.7.2",
            "2.8.1"
          ],
          "identifier": "CVE-2022-29204",
          "identifiers": [
            "GHSA-hx9q-2mx4-m4pg",
            "CVE-2022-29204"
          ],
          "not_impacted": "All versions starting from 2.6.4 before 2.7.0, all versions starting from 2.7.2 before 2.8.0, all versions starting from 2.8.1",
          "package_slug": "pypi/tensorflow-gpu",
          "pubdate": "2022-05-24",
          "solution": "Upgrade to versions 2.6.4, 2.7.2, 2.8.1 or above.",
          "title": "Missing validation causes denial of service via `Conv3DBackpropFilterV2`",
          "urls": [
            "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg",
            "https://nvd.nist.gov/vuln/detail/CVE-2022-29204",
            "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147",
            "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943",
            "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14",
            "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0",
            "https://github.com/advisories/GHSA-hx9q-2mx4-m4pg"
          ],
          "uuid": "1da332d9-f480-451d-be96-8216f70059e3"
        },
        {
          "affected_range": "\u003c2.6.4||\u003e=2.7.0,\u003c2.7.2||\u003e=2.8.0,\u003c2.8.1",
          "affected_versions": "All versions before 2.6.4, all versions starting from 2.7.0 before 2.7.2, all versions starting from 2.8.0 before 2.8.1",
          "cvss_v2": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-20",
            "CWE-937"
          ],
          "date": "2022-06-02",
          "description": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.",
          "fixed_versions": [
            "2.6.4",
            "2.7.2",
            "2.8.1"
          ],
          "identifier": "CVE-2022-29204",
          "identifiers": [
            "CVE-2022-29204",
            "GHSA-hx9q-2mx4-m4pg"
          ],
          "not_impacted": "All versions starting from 2.6.4 before 2.7.0, all versions starting from 2.7.2 before 2.8.0, all versions starting from 2.8.1",
          "package_slug": "pypi/tensorflow",
          "pubdate": "2022-05-20",
          "solution": "Upgrade to versions 2.6.4, 2.7.2, 2.8.1 or above.",
          "title": "Missing validation causes denial of service via `Conv3DBackpropFilterV2`",
          "urls": [
            "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg",
            "https://nvd.nist.gov/vuln/detail/CVE-2022-29204",
            "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147",
            "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943",
            "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14",
            "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1",
            "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0",
            "https://github.com/advisories/GHSA-hx9q-2mx4-m4pg"
          ],
          "uuid": "9e3dec58-8cb3-4afc-b265-2bc3bc2b459e"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:2.7.0:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:2.7.0:rc0:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.7.2",
                "versionStartIncluding": "2.7.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.6.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:2.8.0:rc0:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:2.8.0:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:2.9.0:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:2.9.0:rc0:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:google:tensorflow:2.8.0:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-29204"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg"
            },
            {
              "name": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-06-02T19:27Z",
      "publishedDate": "2022-05-20T23:15Z"
    }
  }
}

FKIE_CVE-2022-29204

Vulnerability from fkie_nvd - Published: 2022-05-20 23:15 - Updated: 2025-06-25 21:00

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14	Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4	Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2	Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1	Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0	Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg	Exploit, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg	Exploit, Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
google	tensorflow	*
google	tensorflow	*
google	tensorflow	2.7.0
google	tensorflow	2.7.0
google	tensorflow	2.8.0
google	tensorflow	2.8.0
google	tensorflow	2.8.0
google	tensorflow	2.9.0
google	tensorflow	2.9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE10B125-2FB7-49F7-98A3-6358C25372FD",
              "versionEndExcluding": "2.6.4",
              "versionStartIncluding": "1.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4DFBF2D-5283-42F6-8800-D653BFA5CE82",
              "versionEndExcluding": "2.7.2",
              "versionStartIncluding": "2.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:tensorflow:2.7.0:rc0:*:*:*:*:*:*",
              "matchCriteriaId": "A58EDA5C-66D6-46F1-962E-60AFB7C784A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:tensorflow:2.7.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "89522760-C2DF-400D-9624-626D8F160CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:tensorflow:2.8.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "E9EA1898-ACAA-4699-8BAE-54D62C1819FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:tensorflow:2.8.0:rc0:*:*:*:*:*:*",
              "matchCriteriaId": "130DE3C9-6842-456F-A259-BF8FF8457217",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:tensorflow:2.8.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "BBF2FCEF-989C-409D-9F4C-81418C65B972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:tensorflow:2.9.0:rc0:*:*:*:*:*:*",
              "matchCriteriaId": "9CFB1CFC-579D-4647-A472-6DE8BE1951DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:tensorflow:2.9.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "F3F3F37E-D27F-4060-830C-0AFF16150777",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue."
    },
    {
      "lang": "es",
      "value": "TensorFlow es una plataforma de c\u00f3digo abierto para el aprendizaje autom\u00e1tico. En versiones anteriores a 2.9.0, 2.8.1, 2.7.2 y 2.6.4, la implementaci\u00f3n de \"tf.raw_ops.UnsortedSegmentJoin\" no comprobaba completamente los argumentos de entrada. Esto resulta en un fallo de \"CHECK\" que puede usarse para desencadenar un ataque de denegaci\u00f3n de servicio. El c\u00f3digo asume que \"num_segments\" es un escalar positivo, pero no lo comprueba. Dado que este valor es usado para asignar el tensor de salida, un valor negativo resulta en un fallo de \"CHECK\" (fallo de aserci\u00f3n), seg\u00fan TFSA-2021-198. Las versiones 2.9.0, 2.8.1, 2.7.2 y 2.6.4 contienen un parche para este problema"
    }
  ],
  "id": "CVE-2022-29204",
  "lastModified": "2025-06-25T21:00:03.170",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-05-20T23:15:44.610",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "CWE-191"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-29204 (GCVE-0-2022-29204)

GHSA-HX9Q-2MX4-M4PG

Impact

Patches

For more information

Attribution

bit-tensorflow-2022-29204

Vulnerability from bitnami_vulndb

CNVD-2022-44170

GSD-2022-29204

FKIE_CVE-2022-29204

Tags

Sightings

Nomenclature