Moderate severityNVD Advisory· Published Sep 16, 2022· Updated Apr 23, 2025
`CHECK` fail in `LRNGrad` in TensorFlow
CVE-2022-35985
Description
TensorFlow is an open source platform for machine learning. If LRNGrad is given an output_image input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tensorflowPyPI | < 2.7.2 | 2.7.2 |
tensorflowPyPI | >= 2.8.0, < 2.8.1 | 2.8.1 |
tensorflowPyPI | >= 2.9.0, < 2.9.1 | 2.9.1 |
tensorflow-cpuPyPI | < 2.7.2 | 2.7.2 |
tensorflow-cpuPyPI | >= 2.8.0, < 2.8.1 | 2.8.1 |
tensorflow-cpuPyPI | >= 2.9.0, < 2.9.1 | 2.9.1 |
tensorflow-gpuPyPI | < 2.7.2 | 2.7.2 |
tensorflow-gpuPyPI | >= 2.8.0, < 2.8.1 | 2.8.1 |
tensorflow-gpuPyPI | >= 2.9.0, < 2.9.1 | 2.9.1 |
Affected products
1- Range: < 2.7.2
Patches
1bd90b3efab4eFix security vulnerability with LRNGradOp
2 files changed · +39 −1
tensorflow/core/kernels/lrn_op.cc+2 −1 modified@@ -668,7 +668,8 @@ class LRNGradOp : public OpKernel { in_image.dim_size(0) == batch && in_image.dim_size(1) == rows && in_image.dim_size(2) == cols && in_image.dim_size(3) == depth && out_image.dim_size(0) == batch && out_image.dim_size(1) == rows && - out_image.dim_size(2) == cols && out_image.dim_size(3) == depth, + out_image.dim_size(2) == cols && out_image.dim_size(3) == depth && + out_image.dims() == 4, errors::InvalidArgument( "input_grads, input_image, and out_image should have the same " "shape"));
tensorflow/python/kernel_tests/nn_ops/lrn_op_test.py+37 −0 modified@@ -20,11 +20,13 @@ from tensorflow.python.framework import constant_op from tensorflow.python.framework import dtypes +from tensorflow.python.framework import errors_impl from tensorflow.python.framework import test_util from tensorflow.python.ops import array_ops from tensorflow.python.ops import gradient_checker from tensorflow.python.ops import gradients_impl from tensorflow.python.ops import nn +from tensorflow.python.ops import random_ops import tensorflow.python.ops.nn_grad # pylint: disable=unused-import from tensorflow.python.platform import test @@ -111,6 +113,41 @@ def testGradientsZeroInput(self): self.assertAllClose(r, expected) self.assertShapeEqual(expected, grad) + @test_util.run_in_graph_and_eager_modes + def testIncompatibleInputAndOutputImageShapes(self): + depth_radius = 1 + bias = 1.59018219 + alpha = 0.117728651 + beta = 0.404427052 + input_grads = random_ops.random_uniform( + shape=[4, 4, 4, 4], + minval=-10000, + maxval=10000, + dtype=dtypes.float32, + seed=-2033) + input_image = random_ops.random_uniform( + shape=[4, 4, 4, 4], + minval=-10000, + maxval=10000, + dtype=dtypes.float32, + seed=-2033) + invalid_output_image = random_ops.random_uniform( + shape=[4, 4, 4, 4, 4, 4], + minval=-10000, + maxval=10000, + dtype=dtypes.float32, + seed=-2033) + with self.assertRaises((ValueError, errors_impl.InvalidArgumentError)): + self.evaluate( + nn.lrn_grad( + input_grads=input_grads, + input_image=input_image, + output_image=invalid_output_image, + depth_radius=depth_radius, + bias=bias, + alpha=alpha, + beta=beta)) + def _RunAndVerifyGradients(self, dtype): with self.cached_session(): # random shape
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-9942-r22v-78cpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-35985ghsaADVISORY
- github.com/tensorflow/tensorflow/commit/bd90b3efab4ec958b228cd7cfe9125be1c0cf255ghsax_refsource_MISCWEB
- github.com/tensorflow/tensorflow/releases/tag/v2.10.0ghsaWEB
- github.com/tensorflow/tensorflow/security/advisories/GHSA-9942-r22v-78cpghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.