AVID-2026-R0955
Description
Division by zero in TFLite (CVE-2022-21741)
Details
TensorFlow is an open-source machine learning framework.

Impact: An attacker can craft a TFLite model that triggers a division by zero in the implementation of depthwise convolutions. The parameters of the convolution are user controlled and are also used in a division operation that determines how much padding must be added before the convolution is applied. There is no check before this division that the divisor is strictly positive.

The fix will be included in TensorFlow 2.8.0. We will also cherry-pick this commit onto TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still within the supported range.
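As an added illustration (not code from the TensorFlow project or the advisory), the padding arithmetic described above is modelled in C++: the pre-fix shape divides by a model-supplied parameter unconditionally, the hardened shape validates the divisor first. That the user-controlled divisor is the stride, that the dilation factor also comes from the model, and the SAME-padding formula are assumptions of this example.

```cpp
#include <cstdio>
#include <optional>

// Constructed model of the padding arithmetic the advisory describes; not the
// TFLite source. Assumption: the divisor is the stride, and the dilation factor
// is likewise read from the (attacker-supplied) model file.
struct DepthwiseParams {
  int in_size;      // input height or width
  int filter_size;  // kernel height or width
  int stride;       // from the model; 0 in a crafted file
  int dilation;     // from the model; 0 in a crafted file
};

// Pre-fix shape: divides by stride with no check, so stride == 0 is a
// division by zero (undefined behaviour, in practice a crash of the process
// that loaded the model).
int SamePaddingUnchecked(const DepthwiseParams& p) {
  int effective_filter = (p.filter_size - 1) * p.dilation + 1;
  int out_size = (p.in_size + p.stride - 1) / p.stride;
  int total = (out_size - 1) * p.stride + effective_filter - p.in_size;
  return total > 0 ? total / 2 : 0;
}

// Hardened shape: reject non-positive divisors (and degenerate shapes) before
// any arithmetic, the way a TF_LITE_ENSURE check in a kernel's Prepare() makes
// the op fail cleanly. std::nullopt stands in for that error return.
std::optional<int> SamePaddingChecked(const DepthwiseParams& p) {
  if (p.stride <= 0 || p.dilation <= 0) return std::nullopt;
  if (p.in_size <= 0 || p.filter_size <= 0) return std::nullopt;
  return SamePaddingUnchecked(p);
}

int main() {
  // Well-formed parameters: 7-wide input, 3-wide kernel, stride 2.
  DepthwiseParams ok{7, 3, 2, 1};
  std::printf("padding = %d\n", SamePaddingChecked(ok).value());
  // Crafted parameters: stride 0 is rejected instead of reaching the division.
  DepthwiseParams bad{7, 3, 0, 1};
  std::printf("stride 0 rejected: %s\n",
              SamePaddingChecked(bad).has_value() ? "no" : "yes");
  return 0;
}
```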
Reason for inclusion in AVID: The candidate describes CVE-2022-21741, a division-by-zero vulnerability in TensorFlow Lite's depthwise convolution that is triggered by crafted TFLite models. This is a software vulnerability in a widely used ML framework, which is part of the AI software stack. It affects the reliability and availability of AI systems and is located in a component (TensorFlow Lite) used to build, deploy, or run AI models, so it fits the software supply chain context. The CVSS details indicate a network-based, low-privilege attack with availability impact, i.e., a security/safety vulnerability. The report identifies the affected component, the impact, and the fix, with references. It therefore qualifies for AVID curation as a vulnerability in the AI software supply chain.
References
- NVD entry
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-428x-9xc2-m8mj
- https://github.com/tensorflow/tensorflow/commit/e5b0eec199c2d03de54fd6a7fd9275692218e2bc
- https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/lite/kernels/depthwise_conv.cc#L96
Affected or Relevant Artifacts
- Developer: n/a
- Deployer: n/a
- Artifact Details:
| Type | Name |
|---|---|
| System | n/a |
Impact
AVID Taxonomy Categorization
- Risk domains: Security
- SEP subcategories: S0100: Software Vulnerability
- Lifecycle stages: L06: Deployment
CVSS
| Metric | Value |
|---|---|
| Version | 3.1 |
| Vector String | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| Base Score | 6.5 |
| Base Severity | 🟠 Medium |
| Attack Vector | NETWORK |
| Attack Complexity | 🟢 Low |
| Privileges Required | 🟢 Low |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | 🔴 High |
Other information
- Report Type: Advisory
- Credits:
- Date Reported: 2022-02-03
- Version: 0.3.3
- AVID Entry