Moderate severityNVD Advisory· Published Sep 16, 2022· Updated Apr 23, 2025

Segfault in `RaggedBincount` in TensorFlow

CVE-2022-35986

Description

TensorFlow is an open source platform for machine learning. If RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7a4591fd4f065f4fa903593bc39b2f79530a74b8. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
tensorflowPyPI	< 2.7.2	2.7.2
tensorflowPyPI	>= 2.8.0, < 2.8.1	2.8.1
tensorflowPyPI	>= 2.9.0, < 2.9.1	2.9.1

Affected products

Tensorflow/Tensorflowv5
Range: < 2.7.2

Patches

7a4591fd4f06

Fix RaggedBincount Segmentation Fault from the Splits arg

https://github.com/tensorflow/tensorflowA. Unique TensorFlowerJul 18, 2022via ghsa

commit

2 files changed · +15 −0

tensorflow/core/kernels/bincount_op.cc+3 −0 modified

@@ -493,6 +493,9 @@ class RaggedBincountOp : public OpKernel {
     int num_values = values.size();
     int batch_idx = 0;
 
+    OP_REQUIRES(ctx, splits.size() > 0,
+                errors::InvalidArgument("Splits must be non-empty"));
+
     OP_REQUIRES(ctx, splits(0) == 0,
                 errors::InvalidArgument("Splits must start with 0, not with ",
                                         splits(0)));

tensorflow/python/kernel_tests/math_ops/bincount_op_test.py+12 −0 modified

@@ -734,6 +734,18 @@ def test_size_is_not_scalar(self):  # b/206619828
               binary_output=False,
               name=None))
 
+  @test_util.run_in_graph_and_eager_modes
+  def test_splits_empty(self):  # b/238450914
+    with self.assertRaisesRegex((ValueError, errors.InvalidArgumentError),
+                                "Splits must be non-empty"):
+      self.evaluate(
+          gen_math_ops.ragged_bincount(
+              splits=[],  # Invalid splits
+              values=[1],
+              size=1,
+              weights=[1],
+              binary_output=False,
+              name=None))
 
 if __name__ == "__main__":
   googletest.main()

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/advisories/GHSA-wr9v-g9vf-c74vghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2022-35986ghsaADVISORY
github.com/tensorflow/tensorflow/commit/7a4591fd4f065f4fa903593bc39b2f79530a74b8ghsax_refsource_MISCWEB
github.com/tensorflow/tensorflow/releases/tag/v2.10.0ghsaWEB
github.com/tensorflow/tensorflow/security/advisories/GHSA-wr9v-g9vf-c74vghsax_refsource_CONFIRMWEB

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000