Division by zero in Tensorflow
Description
A division-by-zero vulnerability in TensorFlow's FractionalMaxPool op can crash the process; fixed in versions 2.8.0, 2.7.1, 2.6.3, 2.5.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The implementation of FractionalMaxPool in TensorFlow contains a division-by-zero bug [1]. The vulnerable code resides in tensorflow/core/kernels/fractional_max_pool_op.cc [4]. When the pooling ratio for a dimension is higher than that dimension's input size, the operation divides by zero and the process crashes. Affected versions are TensorFlow before 2.5.3, 2.6.0 through 2.6.2, and 2.7.0. The fix is included in TensorFlow 2.8.0 and cherry-picked to 2.7.1, 2.6.3, and 2.5.3 [1][2][3].
Exploitation
An attacker can trigger this vulnerability by providing a crafted input tensor to the FractionalMaxPool operation. No special privileges are required; any user or process that can feed data to a TensorFlow model can cause the crash. The operation is commonly used in convolutional neural networks, so exploitation may occur when a model using FractionalMaxPool processes malicious input.
Impact
Successful exploitation results in a denial of service (DoS) by crashing the TensorFlow process. The crash is due to a division-by-zero error, which terminates the process. There is no evidence of code execution or information disclosure; the impact is limited to availability.
Mitigation
Users should upgrade to TensorFlow 2.8.0, 2.7.1, 2.6.3, or 2.5.3, which contain the fix [1][2][3]. If upgrading is not immediately possible, avoid using FractionalMaxPool with untrusted input or consider alternative pooling operations. The vulnerability is not known to be exploited in the wild and is not listed in CISA's Known Exploited Vulnerabilities catalog.
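As an added example (not TensorFlow's own code), a pre-call check a caller can run on an unpatched build before invoking tf.nn.fractional_max_pool: it mirrors the per-dimension condition the fix enforces (input size at least the pooling ratio) and shows why the condition matters. The floor(input_size / pooling_ratio) output-size model is an assumption about the kernel, and the sample shapes are constructed (the bad one is the shape used by the fix's regression test).

```python
import math


def fractional_pool_output_sizes(input_shape, pooling_ratio):
    """Per-dimension output sizes modelled as floor(input_size / pooling_ratio).

    Assumption about the kernel's size arithmetic, not TensorFlow code: a
    result of 0 for any dimension is the zero divisor the unpatched op hits.
    """
    if len(input_shape) != len(pooling_ratio):
        raise ValueError("input_shape and pooling_ratio must have the same rank")
    return [int(math.floor(n / r)) for n, r in zip(input_shape, pooling_ratio)]


def check_fractional_pool_args(input_shape, pooling_ratio):
    """Reject any dimension whose pooling ratio exceeds its input size.

    Same condition as the guard the fix adds in the kernel, applied by the
    caller so bad input never reaches an unpatched build. Returns the
    per-dimension output sizes (all >= 1) when the arguments are acceptable.
    """
    sizes = fractional_pool_output_sizes(input_shape, pooling_ratio)
    for i, (n, r) in enumerate(zip(input_shape, pooling_ratio)):
        if n < r:  # the case the patched op refuses with InvalidArgument
            raise ValueError(
                f"Pooling ratio is higher than input dimension size for "
                f"dimension {i}. Input dim size: {n} pooling ratio: {r}"
            )
    return sizes


# Constructed sample inputs. BAD_SHAPE is the [1, 1, 1, 4] tensor from the
# regression test: dimension 1 has size 1 but ratio 1.44, so floor(1/1.44) == 0.
BAD_SHAPE, BAD_RATIO = [1, 1, 1, 4], [1.0, 1.44, 1.73, 1.0]
# Every dimension is at least its ratio here, so all output sizes are >= 1.
OK_SHAPE, OK_RATIO = [1, 8, 8, 4], [1.0, 1.44, 1.73, 1.0]

if __name__ == "__main__":
    print(fractional_pool_output_sizes(BAD_SHAPE, BAD_RATIO))  # [1, 0, 0, 4]
    print(check_fractional_pool_args(OK_SHAPE, OK_RATIO))  # [1, 5, 4, 4]
    try:
        check_fractional_pool_args(BAD_SHAPE, BAD_RATIO)
    except ValueError as err:
        print("rejected:", err)
```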
- [1] NVD - CVE-2022-21735
- [2] GitHub - tensorflow/tensorflow: An Open Source Machine Learning Framework for Everyone
- [3] advisory-database/vulns/tensorflow-gpu/PYSEC-2022-114.yaml at main · pypa/advisory-database
- [4] tensorflow/tensorflow/core/kernels/fractional_max_pool_op.cc at 5100e359aef5c8021f2e71c7b986420b85ce7b3d · tensorflow/tensorflow
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| tensorflow (PyPI) | < 2.5.3 | 2.5.3 |
| tensorflow (PyPI) | >= 2.6.0, < 2.6.3 | 2.6.3 |
| tensorflow (PyPI) | >= 2.7.0, < 2.7.1 | 2.7.1 |
| tensorflow-cpu (PyPI) | < 2.5.3 | 2.5.3 |
| tensorflow-cpu (PyPI) | >= 2.6.0, < 2.6.3 | 2.6.3 |
| tensorflow-cpu (PyPI) | >= 2.7.0, < 2.7.1 | 2.7.1 |
| tensorflow-gpu (PyPI) | < 2.5.3 | 2.5.3 |
| tensorflow-gpu (PyPI) | >= 2.6.0, < 2.6.3 | 2.6.3 |
| tensorflow-gpu (PyPI) | >= 2.7.0, < 2.7.1 | 2.7.1 |
Affected products
No CPE is assigned. The OSV coordinates list four version ranges, each starting at < 2.5.3; the full per-package ranges are in the table above.
Patches
ba4e8ac4dc29: Fix potential divide by zero error when executing FractionalMaxPool, when pooling ratio is higher than input size for a particular dimension.
2 files changed · +26 −0
tensorflow/core/kernels/fractional_max_pool_op.cc+7 −0 modified@@ -83,6 +83,13 @@ class FractionalMaxPoolOp : public OpKernel { std::vector<int> output_size(tensor_in_and_out_dims); for (int i = 0; i < tensor_in_and_out_dims; ++i) { input_size[i] = tensor_in.dim_size(i); + + OP_REQUIRES( + context, input_size[i] >= pooling_ratio_[i], + errors::InvalidArgument("Pooling ratio is higher than input " + "dimension size for dimension ", + i, ". Input dim size: ", input_size[i], + " pooling ratio: ", pooling_ratio_[i])); } // Output size. for (int i = 0; i < tensor_in_and_out_dims; ++i) {
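Review bot: the new OP_REQUIRES checks the precondition (input_size[i] >= pooling_ratio_[i]) rather than the quantity that is actually divided by; since the loop directly below (`// Output size.`) derives output_size[i] from these same values, consider adding an OP_REQUIRES there that output_size[i] > 0, so any later change to the size arithmetic cannot quietly reintroduce the zero divisor. Also, input_size[i] is an int compared against a floating-point pooling ratio (the test uses 1.44); the implicit promotion is intended here, but a one-line comment saying so would spare the next reader from wondering.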
tensorflow/python/kernel_tests/nn_ops/fractional_max_pool_op_test.py+19 −0 modified@@ -20,6 +20,7 @@ from tensorflow.python.framework import constant_op from tensorflow.python.framework import dtypes +from tensorflow.python.framework import errors from tensorflow.python.framework import test_util from tensorflow.python.ops import array_ops from tensorflow.python.ops import gen_nn_ops @@ -319,6 +320,24 @@ def testDeterminismExceptionThrowing(self): nn_ops.fractional_max_pool( rand_mat, [1, 1.5, 1.5, 1], seed=1, seed2=1, deterministic=True) + def testPoolingRatio(self): + with self.cached_session() as _: + with self.assertRaisesRegex( + errors.InvalidArgumentError, + r"Pooling ratio is higher than input dimension size for dimension 1.*" + ): + result = nn_ops.gen_nn_ops.fractional_max_pool( + value=constant_op.constant( + value=[[[[1, 4, 2, 3]]]], dtype=dtypes.int64), + pooling_ratio=[1.0, 1.44, 1.73, 1.0], + pseudo_random=False, + overlapping=False, + deterministic=False, + seed=0, + seed2=0, + name=None) + self.evaluate(result) + class FractionalMaxPoolGradTest(test.TestCase): """Tests for FractionalMaxPoolGrad.
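Review bot: in testPoolingRatio, `with self.cached_session() as _:` binds an unused name; `with self.cached_session():` is the usual form. The call goes through `nn_ops.gen_nn_ops.fractional_max_pool` although `gen_nn_ops` is already imported directly in the context above (`from tensorflow.python.ops import gen_nn_ops`), so `gen_nn_ops.fractional_max_pool(...)` would be cleaner. The regression input `[[[[1, 4, 2, 3]]]]` only exercises dimension 1 (size 1 against ratio 1.44) and the regex pins that index, so a second case with an undersized dimension 2 would also cover the message for another index.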
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-87v6-crgm-2gfj (GitHub advisory)
- nvd.nist.gov/vuln/detail/CVE-2022-21735 (NVD advisory)
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-59.yaml
- github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-114.yaml
- github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_max_pool_op.cc (vulnerable source)
- github.com/tensorflow/tensorflow/commit/ba4e8ac4dc2991e350d5cc407f8598c8d4ee70fb (fix commit)
- github.com/tensorflow/tensorflow/security/advisories/GHSA-87v6-crgm-2gfj (TensorFlow security advisory)