CVE-2022-21741

Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected

Description An attacker can craft a TFLite model to trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution, which are user-controlled, are used in a division operation to determine the padding size before applying the convolution. There is no check to ensure the divisor is strictly positive.

Recommendations For versions prior to 2.8.0, update to TensorFlow 2.8.0 or later. For version 2.7.1, update to a version that includes the cherrypicked commit. For version 2.6.3, update to a version that includes the cherrypicked commit. For version 2.5.3, update to a version that includes the cherrypicked commit. As a temporary workaround, consider restricting the use of user-controlled convolution parameters to minimize the risk of exploitation.