`CHECK` fail in `DrawBoundingBoxes` in TensorFlow
Description
TensorFlow is an open source platform for machine learning. The `DrawBoundingBoxes` kernel is templated on the image dtype `T`, and before the fix it read its `boxes` input through `boxes.tensor<T, 3>()` even though `boxes` is a float tensor (the patch below changes this to `boxes.tensor<float, 3>()`). Calling the op with an image whose dtype is not float, for example `half`, therefore trips the dtype `CHECK` inside the accessor, which aborts the process instead of returning an error, so any caller able to feed a non-float image to the op can cause a denial of service. We have patched the issue in GitHub commit da0d65cdc1270038e72157ba35bf74b85d9bda11. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue; upgrade to a patched version.
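The failure mode described above, as an added example that is not TensorFlow's code: a toy `Tensor` carrying a dtype tag whose `tensor<T>()` accessor CHECK-aborts on a mismatch, the pre-fix kernel shape that reads the float `boxes` tensor through the image's template parameter `T`, and a hardened version that reads `boxes` as `float` (the commit's change) and validates the `boxes` dtype and shape up front so a malformed input comes back as an error instead of killing the process. `Tensor`, `DataType`, `half`, `MakeImage`, `MakeBoxes`, `DrawBorders` and both `DrawBoundingBoxes*` functions are assumptions of this example, not the real TensorFlow API, and the border loop is a simplified stand-in for the kernel's own.

```cpp
// Added example (not TensorFlow code): toy model of the dtype bug fixed in
// commit da0d65cdc127. Tensor, DataType, half and the helpers below are
// stand-ins for the real types and are assumptions of this example.
#include <algorithm>
#include <cmath>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <utility>
#include <vector>

enum class DataType { kFloat, kHalf };
struct half { float v; };  // toy half; 16-bit storage is not modelled
template <typename T> struct DataTypeToEnum;
template <> struct DataTypeToEnum<float> { static constexpr DataType v = DataType::kFloat; };
template <> struct DataTypeToEnum<half>  { static constexpr DataType v = DataType::kHalf; };

// Toy tensor: dtype tag, shape, storage. Elements are kept as float for
// every dtype so the example stays short; the dtype tag is what matters.
struct Tensor {
  DataType dtype;
  std::vector<int64_t> dims;
  std::vector<float> data;
  int64_t dim_size(size_t i) const { return dims[i]; }
  // Mirrors the real accessor's contract: the requested T is CHECKed against
  // the stored dtype and a mismatch aborts the whole process. There is no
  // error status a caller could catch.
  template <typename T>
  const std::vector<float>& tensor() const {
    if (DataTypeToEnum<T>::v != dtype) {
      std::fprintf(stderr, "Check failed: tensor<T>() dtype mismatch\n");
      std::abort();
    }
    return data;
  }
};

// Single-channel image of the given dtype, all pixels zero.
Tensor MakeImage(int64_t height, int64_t width, DataType dtype) {
  return Tensor{dtype, {height, width, 1},
                std::vector<float>(static_cast<size_t>(height * width), 0.0f)};
}

// Boxes as [num_boxes, 4] rows of (y_min, x_min, y_max, x_max) in [0, 1].
// The op's boxes input is float32; the dtype parameter exists only so the
// hardened path's validation can be exercised with a malformed input.
Tensor MakeBoxes(std::vector<float> flat, DataType dtype = DataType::kFloat) {
  const int64_t n = static_cast<int64_t>(flat.size() / 4);
  return Tensor{dtype, {n, 4}, std::move(flat)};
}

// Simplified stand-in for the kernel's border loop: scales each box by
// (dim - 1) like the real op, clamps it into the image, paints a 1-pixel
// border, and returns how many distinct pixels were painted.
int64_t DrawBorders(Tensor& image, const std::vector<float>& tboxes,
                    int64_t num_boxes) {
  const int64_t height = image.dim_size(0);
  const int64_t width = image.dim_size(1);
  auto clampi = [](float v, int64_t hi) {
    if (!std::isfinite(v)) v = 0.0f;  // NaN/inf must not reach the cast
    return std::max<int64_t>(0, std::min<int64_t>(static_cast<int64_t>(v), hi));
  };
  for (int64_t bb = 0; bb < num_boxes; ++bb) {
    const float* box = &tboxes[static_cast<size_t>(bb * 4)];
    const int64_t min_row = clampi(box[0] * (height - 1), height - 1);
    const int64_t min_col = clampi(box[1] * (width - 1), width - 1);
    const int64_t max_row = clampi(box[2] * (height - 1), height - 1);
    const int64_t max_col = clampi(box[3] * (width - 1), width - 1);
    for (int64_t r = min_row; r <= max_row; ++r) {
      for (int64_t c = min_col; c <= max_col; ++c) {
        if (r == min_row || r == max_row || c == min_col || c == max_col) {
          // image.data is the image's own dtype T, so direct access is fine.
          image.data[static_cast<size_t>(r * width + c)] = 1.0f;
        }
      }
    }
  }
  int64_t painted = 0;
  for (float px : image.data) painted += (px == 1.0f) ? 1 : 0;
  return painted;
}

// Pre-fix shape: boxes is read through the image's template dtype T. With a
// half image T = half while boxes is float32, so tensor<half>() CHECK-fails
// and the process aborts. Never call this with T = half in a process you care about.
template <typename T>
int64_t DrawBoundingBoxesVulnerable(Tensor& image, const Tensor& boxes) {
  const auto& tboxes = boxes.tensor<T>();
  return DrawBorders(image, tboxes, boxes.dim_size(0));
}

// Fixed shape plus the check a reviewer would ask for: boxes is read as float
// regardless of T (the commit's change), and its dtype/shape are validated
// first so a malformed input yields an error string instead of a CHECK abort.
template <typename T>
bool DrawBoundingBoxesHardened(Tensor& image, const Tensor& boxes,
                               int64_t* drawn, std::string* error) {
  if (boxes.dtype != DataType::kFloat) {
    *error = "boxes must be float32";
    return false;
  }
  if (boxes.dims.size() != 2 || boxes.dim_size(1) != 4) {
    *error = "boxes must have shape [num_boxes, 4]";
    return false;
  }
  const auto& tboxes = boxes.tensor<float>();
  *drawn = DrawBorders(image, tboxes, boxes.dim_size(0));
  return true;
}

int main() {
  // Stand-alone demo: a half image with float32 boxes, the case that crashed.
  Tensor image = MakeImage(4, 4, DataType::kHalf);
  Tensor boxes = MakeBoxes({0.0f, 0.0f, 1.0f, 1.0f});
  int64_t drawn = 0;
  std::string error;
  if (DrawBoundingBoxesHardened<half>(image, boxes, &drawn, &error)) {
    std::printf("half image: %lld border pixels painted\n", (long long)drawn);
  } else {
    std::printf("rejected: %s\n", error.c_str());
  }
  return 0;
}
```

Running `DrawBoundingBoxesVulnerable<half>` on a half image reproduces the advisory's behaviour: the toy `CHECK` prints its message and `abort()`s the process, which is exactly why a CHECK on attacker-influenced input is a denial of service and why the example only exercises the vulnerable path with `T = float`.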
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| tensorflow | PyPI | < 2.7.2 | 2.7.2 |
| tensorflow | PyPI | >= 2.8.0, < 2.8.1 | 2.8.1 |
| tensorflow | PyPI | >= 2.9.0, < 2.9.1 | 2.9.1 |
| tensorflow-cpu | PyPI | < 2.7.2 | 2.7.2 |
| tensorflow-cpu | PyPI | >= 2.8.0, < 2.8.1 | 2.8.1 |
| tensorflow-cpu | PyPI | >= 2.9.0, < 2.9.1 | 2.9.1 |
| tensorflow-gpu | PyPI | < 2.7.2 | 2.7.2 |
| tensorflow-gpu | PyPI | >= 2.8.0, < 2.8.1 | 2.8.1 |
| tensorflow-gpu | PyPI | >= 2.9.0, < 2.9.1 | 2.9.1 |
Affected products
- Range: < 2.7.2
Patches
da0d65cdc127: Fix dtype bug in draw bounding boxes.
2 files changed · +16 −3
tensorflow/core/kernels/image/draw_bounding_box_op.cc+1 −1 modified@@ -119,7 +119,7 @@ class DrawBoundingBoxesOp : public OpKernel { for (int64_t b = 0; b < batch_size; ++b) { const int64_t num_boxes = boxes.dim_size(1); - const auto tboxes = boxes.tensor<T, 3>(); + const auto tboxes = boxes.tensor<float, 3>(); for (int64_t bb = 0; bb < num_boxes; ++bb) { int64_t color_index = bb % color_table.size(); const int64_t min_box_row =
tensorflow/python/kernel_tests/image_ops/draw_bounding_box_op_test.py+15 −2 modified@@ -50,11 +50,16 @@ def _fillBorder(self, image, color): image[height - 1, 0:width, 0:depth] = color return image - def _testDrawBoundingBoxColorCycling(self, img, colors=None): + def _testDrawBoundingBoxColorCycling(self, + img, + dtype=dtypes.float32, + colors=None): """Tests if cycling works appropriately. Args: img: 3-D numpy image on which to draw. + dtype: image dtype (float, half). + colors: color table. """ color_table = colors if colors is None: @@ -82,7 +87,7 @@ def _testDrawBoundingBoxColorCycling(self, img, colors=None): bboxes = math_ops.cast(bboxes, dtypes.float32) bboxes = array_ops.expand_dims(bboxes, 0) image = ops.convert_to_tensor(image) - image = image_ops_impl.convert_image_dtype(image, dtypes.float32) + image = image_ops_impl.convert_image_dtype(image, dtype) image = array_ops.expand_dims(image, 0) image = image_ops.draw_bounding_boxes(image, bboxes, colors=colors) with self.cached_session(use_gpu=False) as sess: @@ -118,6 +123,14 @@ def testDrawBoundingBoxRGBAColorCyclingWithColors(self): [0, 0, 0.5, 1]]) self._testDrawBoundingBoxColorCycling(image, colors=colors) + def testDrawBoundingBoxHalf(self): + """Test if RGBA color cycling works correctly with provided colors.""" + image = np.zeros([10, 10, 4], "float32") + colors = np.asarray([[0.5, 0, 0.5, 1], [0.5, 0.5, 0, 1], [0.5, 0, 0, 1], + [0, 0, 0.5, 1]]) + self._testDrawBoundingBoxColorCycling( + image, dtype=dtypes.half, colors=colors) + if __name__ == "__main__": test.main()
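Review bot: the `tensor<float, 3>()` change in the `DrawBoundingBoxesOp` hunk silently depends on `boxes` always arriving as a float tensor; if that invariant is ever broken the accessor's own type CHECK still aborts the process, so it is worth adding `OP_REQUIRES(context, boxes.dtype() == DT_FLOAT, errors::InvalidArgument("boxes must be float32"))` earlier in `Compute` so a bad input comes back as a returned status, and a one-line comment above the accessor saying that `boxes` is float regardless of the image dtype `T`, since that mismatch is exactly what this hunk corrects.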
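Review bot: in the `_testDrawBoundingBoxColorCycling` signature hunk the new `dtype` parameter is inserted ahead of `colors`, which changes the positional order; the callers visible in this file pass `colors=` by keyword so nothing breaks here, but appending `dtype` after `colors` (or making both keyword-only) would avoid silently re-binding any positional caller. The docstring's `(float, half)` could also name the constants actually used, `dtypes.float32` (the default) and `dtypes.half`.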
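Review bot: the `convert_image_dtype(image, dtype)` hunk leaves `bboxes = math_ops.cast(bboxes, dtypes.float32)` two lines above untouched, which is deliberate because the image-vs-boxes dtype mismatch is what the kernel fix targets; a short comment saying the boxes stay float32 on purpose would stop a future cleanup from "fixing" the cast to match `dtype` and quietly removing the regression coverage.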
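Review bot: `testDrawBoundingBoxHalf` reuses the docstring of the RGBA color-cycling test ("Test if RGBA color cycling works correctly with provided colors."), which does not describe what the new test is for; replace it with something like "Regression test: half-precision images must not CHECK-fail when boxes are float32." so the link to the kernel fix survives in the test file.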
References
- https://github.com/advisories/GHSA-jqm7-m5q7-3hm5 (GitHub advisory)
- https://nvd.nist.gov/vuln/detail/CVE-2022-36001 (NVD entry)
- https://github.com/tensorflow/tensorflow/commit/da0d65cdc1270038e72157ba35bf74b85d9bda11 (fix commit)
- https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0 (release containing the fix)
- https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jqm7-m5q7-3hm5 (TensorFlow security advisory)