{"id":"CVE-2022-35966","summary":"Segfault in `QuantizedAvgPool` in TensorFlow","details":"TensorFlow is an open source platform for machine learning. If `QuantizedAvgPool` is given `min_input` or `max_input` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7cdf9d4d2083b739ec81cfdace546b0c99f50622. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.","aliases":["BIT-tensorflow-2022-35966","GHSA-4w68-4x85-mjj9"],"modified":"2026-05-01T11:16:17.426558Z","published":"2022-09-16T20:35:15Z","related":["openSUSE-SU-2024:12355-1"],"database_specific":{"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/35xxx/CVE-2022-35966.json","cwe_ids":["CWE-20"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/35xxx/CVE-2022-35966.json"},{"type":"ADVISORY","url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4w68-4x85-mjj9"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-35966"},{"type":"FIX","url":"https://github.com/tensorflow/tensorflow/commit/7cdf9d4d2083b739ec81cfdace546b0c99f50622"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tensorflow/tensorflow","events":[{"introduced":"c256c071bb26e1e13b4666d1b3e229e110bc914a"},{"fixed":"dd7b8a3c1714d0052ce4b4a2fd8dcef927439a24"},{"introduced":"3f878cff5b698b82eea85db2b60d65a2e320850e"},{"fixed":"0516d4d8bced506cae97dc3cb45dbd2fe4311f26"},{"introduced":"8a20d54a3c1bfa38c03ea99a2ad3c1b0a45dfa95"},{"fixed":"d8ce9f9c301d021a69953134185ab728c1c248d3"},{"fixed":"7cdf9d4d2083b739ec81cfdace546b0c99f50622"}],"database_specific":{"source":["CPE_FIELD","REFERENCES"],"cpe":"cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"2.7.0"},{"fixed":"2.7.2"},{"introduced":"2.8.0"},{"fixed":"2.8.1"},{"introduced":"2.9.0"},{"fixed":"2.9.1"}]}}],"versions":["v2.7.0","v2.7.1","v2.8.0","v2.9.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-35966.json","vanir_signatures_modified":"2026-05-01T11:16:17Z","vanir_signatures":[{"id":"CVE-2022-35966-3bcd38a1","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["256579154318401153561906059548999128274","106147526555187028093079791396506569264","99421690762607116001747428385453757047","268719827737299723721345945096112816695","267660691360562407243459247078302917474","169952100534647716167949913810680583634","109527901678301174450885467463693365181","172299827331785978264624772151527615456","239863545451335074757860889073589246138","235885611206765374143978960245371176906","207578111093747595915597323940916101196","323329434324668815025100193641883977391","22009816560378682349032038194732788285","268066822253293526040784511895499805949","29227388679212336644436141361264255153","322768318731874760247591625720942111996","14059898453746888813143846056970828016","12392570045822526828576431086675675772","228603362520047350285510346344940005398","31397901582451724396055036699048826126","197946299582485775896645528572626053009","304648497545880657194121091974189486580","133284920866441609068342892908780036311","79674693541092857102569173130813066237","17383875992467151212202519404669002519","75040904651827674785370128630038210177","36976721905703923836440159195294432149","283045633275373131592547034676551923186","42081933773259870517001330044529068172","99322270435453032529178900561957516403","195084312363774690633469956386500048216","318798572630709722763717446883631807343"]},"signature_type":"Line","source":"https://github.com/tensorflow/tensorflow/commit/7cdf9d4d2083b739ec81cfdace546b0c99f50622","signature_version":"v1","target":{"file":"tensorflow/core/kernels/quantized_pooling_ops.cc"}},{"id":"CVE-2022-35966-54c21afb","deprecated":false,"digest":{"function_hash":"190285238284107788362300952201405925219","length":1728},"signature_type":"Function","source":"https://github.com/tensorflow/tensorflow/commit/7cdf9d4d2083b739ec81cfdace546b0c99f50622","signature_version":"v1","target":{"function":"TEST_F","file":"tensorflow/core/kernels/quantized_pooling_ops_test.cc"}},{"id":"CVE-2022-35966-a1528da4","deprecated":false,"digest":{"function_hash":"242800886680428015166151369952840522257","length":1726},"signature_type":"Function","source":"https://github.com/tensorflow/tensorflow/commit/7cdf9d4d2083b739ec81cfdace546b0c99f50622","signature_version":"v1","target":{"function":"TEST_F","file":"tensorflow/core/kernels/quantized_pooling_ops_test.cc"}},{"id":"CVE-2022-35966-ad8f8d99","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["160443600664114120438013504024413807277","8426146646833268737914940905314965737","231881554537897185496361437809745214091","187998750230883982641040290065386050155","285309588404052896647879083311248870071","138384215030840741759627236871977598172","8426146646833268737914940905314965737","231881554537897185496361437809745214091","187998750230883982641040290065386050155","285309588404052896647879083311248870071"]},"signature_type":"Line","source":"https://github.com/tensorflow/tensorflow/commit/7cdf9d4d2083b739ec81cfdace546b0c99f50622","signature_version":"v1","target":{"file":"tensorflow/core/kernels/quantized_pooling_ops_test.cc"}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}