Moderate severity · NVD Advisory · Published May 20, 2022 · Updated Apr 22, 2025
Incomplete validation in signal ops leads to crashes in TensorFlow
CVE-2022-29213
Description
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, `tf.compat.v1.signal.rfft2d` and `tf.compat.v1.signal.rfft3d` lack input validation and under certain conditions can crash the process (due to CHECK-failures). Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| tensorflow (PyPI) | < 2.6.4 | 2.6.4 |
| tensorflow (PyPI) | >= 2.7.0, < 2.7.2 | 2.7.2 |
| tensorflow (PyPI) | >= 2.8.0, < 2.8.1 | 2.8.1 |
| tensorflow-cpu (PyPI) | < 2.6.4 | 2.6.4 |
| tensorflow-cpu (PyPI) | >= 2.7.0, < 2.7.2 | 2.7.2 |
| tensorflow-cpu (PyPI) | >= 2.8.0, < 2.8.1 | 2.8.1 |
| tensorflow-gpu (PyPI) | < 2.6.4 | 2.6.4 |
| tensorflow-gpu (PyPI) | >= 2.7.0, < 2.7.2 | 2.7.2 |
| tensorflow-gpu (PyPI) | >= 2.8.0, < 2.8.1 | 2.8.1 |
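One way to apply the affected-version table to a pinned dependency file, as an added example that is not part of the advisory or of TensorFlow. The names `scan_requirements`, `is_affected`, `SAMPLE` and the verdict strings are assumptions made for illustration; only exact `==` pins are evaluated, and pre-release or post-release pins are flagged for manual review.

```python
import re

# Affected ranges from the advisory table: (inclusive lower bound or None,
# exclusive upper bound, which is the patched version).
AFFECTED_RANGES = [
    (None, (2, 6, 4)),
    ((2, 7, 0), (2, 7, 2)),
    ((2, 8, 0), (2, 8, 1)),
]
PACKAGES = {"tensorflow", "tensorflow-cpu", "tensorflow-gpu"}

# name == numeric release, plus any trailing suffix such as "rc1" or ".post1"
_PIN = re.compile(r"^\s*([A-Za-z0-9._-]+)\s*==\s*([0-9]+(?:\.[0-9]+)*)([^\s;#]*)")

def parse_version(text):
    """'2.8' -> (2, 8, 0); plain numeric release versions only."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * max(0, 3 - len(parts)))

def is_affected(version):
    v = parse_version(version)
    return any((lo is None or v >= lo) and v < hi for lo, hi in AFFECTED_RANGES)

def scan_requirements(text):
    """Return (line_no, package, version, verdict) for each exact TensorFlow pin."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        m = _PIN.match(line)
        if not m:
            continue  # unpinned or range specifiers are not evaluated here
        name = re.sub(r"[-_.]+", "-", m.group(1)).lower()  # PEP 503 normalisation
        if name not in PACKAGES:
            continue
        version, suffix = m.group(2), m.group(3)
        if suffix:
            verdict = "review"  # pre/post/local release: compare by hand
        else:
            verdict = "affected" if is_affected(version) else "not affected"
        findings.append((line_no, name, version + suffix, verdict))
    return findings

# Constructed sample input (not from the advisory).
SAMPLE = """\
numpy==1.22.0
tensorflow==2.8.0
tensorflow-gpu==2.7.2   # patched release
TensorFlow_CPU==2.6.3
tensorflow==2.9.0
tensorflow==2.6.4rc1
"""

if __name__ == "__main__":
    for finding in scan_requirements(SAMPLE):
        print(*finding, sep="\t")
```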
Affected products
- Range: < 2.6.4
Patches
0a8a781e597b Merge pull request #55274 from yongtang:55263-tf.signal.rfft2d
2 files changed · +13 −0
tensorflow/core/kernels/fft_ops.cc+4 −0 modified@@ -66,6 +66,10 @@ class FFTBase : public OpKernel { auto fft_length_as_vec = fft_length.vec<int32>(); for (int i = 0; i < fft_rank; ++i) { + OP_REQUIRES(ctx, fft_length_as_vec(i) >= 0, + errors::InvalidArgument( + "fft_length[", i, + "] must >= 0, but got: ", fft_length_as_vec(i))); fft_shape[i] = fft_length_as_vec(i); // Each input dimension must have length of at least fft_shape[i]. For // IRFFTs, the inner-most input dimension must have length of at least
tensorflow/python/kernel_tests/signal/fft_ops_test.py+9 −0 modified@@ -609,6 +609,15 @@ def test_grad_random(self, rank, extra_dims, size, np_rtype): self._tf_ifft_for_rank(rank), re, im, result_is_complex=False, rtol=tol, atol=tol) + def test_invalid_args(self): + # Test case for GitHub issue 55263 + a = np.empty([6, 0]) + b = np.array([1, -1]) + with self.assertRaisesRegex(errors.InvalidArgumentError, "must >= 0"): + with self.session(): + v = fft_ops.rfft2d(input_tensor=a, fft_length=b) + self.evaluate(v) + @test_util.run_all_in_graph_and_eager_modes class FFTShiftTest(test.TestCase, parameterized.TestCase):
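Review bot: the message in the added OP_REQUIRES in tensorflow/core/kernels/fft_ops.cc reads "must >= 0", which is missing a verb; "must be >= 0" would be clearer to whoever receives this InvalidArgument. The new test matches on the literal "must >= 0", so its regex has to change in the same commit. The check reads fft_length_as_vec(i) for every i below fft_rank, so it is also worth confirming that fft_length is verified to hold at least fft_rank elements before this loop, since that validation is not visible in this hunk.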
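Review bot: test_invalid_args in tensorflow/python/kernel_tests/signal/fft_ops_test.py exercises only fft_ops.rfft2d, with the negative value in the last position of fft_length (np.array([1, -1])). The new kernel check runs for every index below fft_rank, so add a case with the negative entry first and a case for rfft3d, which the advisory also names. A short comment explaining why the input is np.empty([6, 0]) would help future readers of the test.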
References
- github.com/advisories/GHSA-5889-7v45-q28m (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2022-29213 (ghsa, ADVISORY)
- github.com/tensorflow/tensorflow/commit/0a8a781e597b18ead006d19b7d23d0a369e9ad73 (ghsa, x_refsource_MISC, WEB)
- github.com/tensorflow/tensorflow/issues/55263 (ghsa, x_refsource_MISC, WEB)
- github.com/tensorflow/tensorflow/pull/55274 (ghsa, x_refsource_MISC, WEB)
- github.com/tensorflow/tensorflow/releases/tag/v2.6.4 (ghsa, x_refsource_MISC, WEB)
- github.com/tensorflow/tensorflow/releases/tag/v2.7.2 (ghsa, x_refsource_MISC, WEB)
- github.com/tensorflow/tensorflow/releases/tag/v2.8.1 (ghsa, x_refsource_MISC, WEB)
- github.com/tensorflow/tensorflow/releases/tag/v2.9.0 (ghsa, x_refsource_MISC, WEB)
- github.com/tensorflow/tensorflow/security/advisories/GHSA-5889-7v45-q28m (ghsa, x_refsource_CONFIRM, WEB)