CWE-369
AllowedDivide By Zero
Abstraction: Base · Status: Draft
The product divides a value by zero.
579 vulnerabilities reference this CWE, most recent first.
GHSA-7PWX-R922-2J5R
Vulnerability from github – Published: 2022-05-13 01:16 – Updated: 2022-05-13 01:16Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
{
"affected": [],
"aliases": [
"CVE-2016-10506"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-30T09:29:00Z",
"severity": "MODERATE"
},
"details": "Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.",
"id": "GHSA-7pwx-r922-2j5r",
"modified": "2022-05-13T01:16:22Z",
"published": "2022-05-13T01:16:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10506"
},
{
"type": "WEB",
"url": "https://github.com/uclouvain/openjpeg/issues/731"
},
{
"type": "WEB",
"url": "https://github.com/uclouvain/openjpeg/issues/732"
},
{
"type": "WEB",
"url": "https://github.com/uclouvain/openjpeg/issues/777"
},
{
"type": "WEB",
"url": "https://github.com/uclouvain/openjpeg/issues/778"
},
{
"type": "WEB",
"url": "https://github.com/uclouvain/openjpeg/issues/779"
},
{
"type": "WEB",
"url": "https://github.com/uclouvain/openjpeg/issues/780"
},
{
"type": "WEB",
"url": "https://github.com/uclouvain/openjpeg/commit/d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201710-26"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100573"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7V94-64HJ-M82H
Vulnerability from github – Published: 2021-11-10 19:02 – Updated: 2024-11-13 21:57Impact
The implementation of ParallelConcat misses some input validation and can produce a division by 0:
import tensorflow as tf
@tf.function
def test():
y = tf.raw_ops.ParallelConcat(values=[['tf']],shape=0)
return y
test()
Patches
We have patched the issue in GitHub commit f2c3931113eaafe9ef558faaddd48e00a6606235.
The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by members of the Aivul Team from Qihoo 360.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-41207"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": true,
"github_reviewed_at": "2021-11-08T22:39:54Z",
"nvd_published_at": "2021-11-05T22:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nThe [implementation of `ParallelConcat`](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/inplace_ops.cc#L72-L97) misses some input validation and can produce a division by 0:\n\n```python\nimport tensorflow as tf\n\n@tf.function\ndef test():\n y = tf.raw_ops.ParallelConcat(values=[[\u0027tf\u0027]],shape=0)\n return y\n\ntest()\n```\n\n### Patches\nWe have patched the issue in GitHub commit [f2c3931113eaafe9ef558faaddd48e00a6606235](https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235).\n\nThe fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
"id": "GHSA-7v94-64hj-m82h",
"modified": "2024-11-13T21:57:41Z",
"published": "2021-11-10T19:02:57Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41207"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/9de11bdc2cf1284b2f635419bd3e6bbc7643eb2c"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/d11f21bbdfa54f3576ae860fc927bf23c675ebc0"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/e67caccea81167402c62977b5c521f2a8b261d6a"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-616.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-814.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-399.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/inplace_ops.cc#L72-L97"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "FPE in `ParallelConcat`"
}
GHSA-7XPM-Q9MM-P5QH
Vulnerability from github – Published: 2026-07-06 09:30 – Updated: 2026-07-06 09:30A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtin_probe_duration of the file src/filters/load_text.c of the component TeXML File Handler. Such manipulation of the argument txml_timescale leads to divide by zero. An attack has to be approached locally. The name of the patch is 86a5191f2e750c767253e27ed6cfd6d547afebc2. A patch should be applied to remediate this issue.
{
"affected": [],
"aliases": [
"CVE-2026-14801"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-06T08:16:35Z",
"severity": "MODERATE"
},
"details": "A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtin_probe_duration of the file src/filters/load_text.c of the component TeXML File Handler. Such manipulation of the argument txml_timescale leads to divide by zero. An attack has to be approached locally. The name of the patch is 86a5191f2e750c767253e27ed6cfd6d547afebc2. A patch should be applied to remediate this issue.",
"id": "GHSA-7xpm-q9mm-p5qh",
"modified": "2026-07-06T09:30:27Z",
"published": "2026-07-06T09:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-14801"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac/issues/3610"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac/commit/86a5191f2e750c767253e27ed6cfd6d547afebc2"
},
{
"type": "WEB",
"url": "https://github.com/gpac/gpac"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-14801"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/850854"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/376395"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/376395/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-8279-9GQQ-PRR4
Vulnerability from github – Published: 2022-05-14 01:42 – Updated: 2022-05-14 01:42libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.
{
"affected": [],
"aliases": [
"CVE-2018-14394"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-19T05:29:00Z",
"severity": "MODERATE"
},
"details": "libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.",
"id": "GHSA-8279-9gqq-prr4",
"modified": "2022-05-14T01:42:29Z",
"published": "2022-05-14T01:42:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14394"
},
{
"type": "WEB",
"url": "https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-83FR-598X-JGGW
Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2022-05-13 01:13The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
{
"affected": [],
"aliases": [
"CVE-2016-9922"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-27T15:59:00Z",
"severity": "MODERATE"
},
"details": "The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.",
"id": "GHSA-83fr-598x-jggw",
"modified": "2022-05-13T01:13:40Z",
"published": "2022-05-13T01:13:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9922"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2392"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2408"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2016-9922"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1334398"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"type": "WEB",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg00442.html"
},
{
"type": "WEB",
"url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=4299b90e9ba9ce5ca9024572804ba751aa1a7e70"
},
{
"type": "WEB",
"url": "http://git.qemu-project.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/12/09/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/94803"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-86F2-M36J-8V7Q
Vulnerability from github – Published: 2022-05-14 03:45 – Updated: 2022-05-14 03:45ImpulseAdventure JPEGsnoop version 1.7.5 is vulnerable to a division by zero in the JFIF decode handling resulting denial of service.
{
"affected": [],
"aliases": [
"CVE-2017-1000414"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-01-25T16:29:00Z",
"severity": "HIGH"
},
"details": "ImpulseAdventure JPEGsnoop version 1.7.5 is vulnerable to a division by zero in the JFIF decode handling resulting denial of service.",
"id": "GHSA-86f2-m36j-8v7q",
"modified": "2022-05-14T03:45:42Z",
"published": "2022-05-14T03:45:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000414"
},
{
"type": "WEB",
"url": "https://github.com/ImpulseAdventure/JPEGsnoop/commit/b4e458612d4294e0cfe01dbf1c0b09a07a8133a4#diff-cf9182aecc9d630e8db2e0e35f1eec65"
},
{
"type": "WEB",
"url": "https://www.impulseadventure.com/photo/jpeg-snoop-history.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-879H-M867-CPJQ
Vulnerability from github – Published: 2026-04-24 15:32 – Updated: 2026-06-01 18:31In the Linux kernel, the following vulnerability has been resolved:
fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO
Much like commit 19f953e74356 ("fbdev: fb_pm2fb: Avoid potential divide by zero error"), we also need to prevent that same crash from happening in the udlfb driver as it uses pixclock directly when dividing, which will crash.
{
"affected": [],
"aliases": [
"CVE-2026-31618"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-24T15:16:41Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO\n\nMuch like commit 19f953e74356 (\"fbdev: fb_pm2fb: Avoid potential divide\nby zero error\"), we also need to prevent that same crash from happening\nin the udlfb driver as it uses pixclock directly when dividing, which\nwill crash.",
"id": "GHSA-879h-m867-cpjq",
"modified": "2026-06-01T18:31:27Z",
"published": "2026-04-24T15:32:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31618"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2f207e46c62688bb7eb4e3feaf9a0d94020fb0c9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/53cb4e79a07124d2ebe502983c29800104080b47"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/59bde9e0930efef1286768cb65fc78d5e5267f93"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/63dfb0b4741f46d65b667c4275132b3d1966acc8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6567d3e1aaadfebf44ce7dc9ea2630323cd4c736"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/6c05191598eca87a87329b3f6e4a0825775f09cf"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/859a239d58a812b61267d9944b701affe6a6244e"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8f98b81fe011e1879e6a7b1247e69e06a5e17af2"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fc386daa6846551a88d338ba9864fc2812cd9030"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-87V6-CRGM-2GFJ
Vulnerability from github – Published: 2022-02-10 00:21 – Updated: 2024-11-13 22:13Impact
The implementation of FractionalMaxPool can be made to crash a TensorFlow process via a division by 0:
import tensorflow as tf
import numpy as np
tf.raw_ops.FractionalMaxPool(
value=tf.constant(value=[[[[1, 4, 2, 3]]]], dtype=tf.int64),
pooling_ratio=[1.0, 1.44, 1.73, 1.0],
pseudo_random=False,
overlapping=False,
deterministic=False,
seed=0,
seed2=0,
name=None)
Patches
We have patched the issue in GitHub commit ba4e8ac4dc2991e350d5cc407f8598c8d4ee70fb.
The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Faysal Hossain Shezan from University of Virginia.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0"
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.0"
]
}
],
"aliases": [
"CVE-2022-21735"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": true,
"github_reviewed_at": "2022-02-03T19:51:55Z",
"nvd_published_at": "2022-02-03T13:15:00Z",
"severity": "HIGH"
},
"details": "### Impact \nThe [implementation of `FractionalMaxPool`](https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_max_pool_op.cc#L36-L192) can be made to crash a TensorFlow process via a division by 0:\n\n```python\nimport tensorflow as tf\nimport numpy as np\n\ntf.raw_ops.FractionalMaxPool(\n value=tf.constant(value=[[[[1, 4, 2, 3]]]], dtype=tf.int64),\n pooling_ratio=[1.0, 1.44, 1.73, 1.0],\n pseudo_random=False,\n overlapping=False,\n deterministic=False,\n seed=0,\n seed2=0,\n name=None)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [ba4e8ac4dc2991e350d5cc407f8598c8d4ee70fb](https://github.com/tensorflow/tensorflow/commit/ba4e8ac4dc2991e350d5cc407f8598c8d4ee70fb).\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Faysal Hossain Shezan from University of Virginia.",
"id": "GHSA-87v6-crgm-2gfj",
"modified": "2024-11-13T22:13:23Z",
"published": "2022-02-10T00:21:32Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-87v6-crgm-2gfj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21735"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/ba4e8ac4dc2991e350d5cc407f8598c8d4ee70fb"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-59.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-114.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_max_pool_op.cc#L36-L192"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Division by zero in Tensorflow"
}
GHSA-88H3-V66M-CV23
Vulnerability from github – Published: 2023-02-27 15:30 – Updated: 2023-03-07 15:30In crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a divide by zero fault in the function opdiv.
{
"affected": [],
"aliases": [
"CVE-2023-23109"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-02-27T14:15:00Z",
"severity": "HIGH"
},
"details": "In crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a divide by zero fault in the function opdiv.",
"id": "GHSA-88h3-v66m-cv23",
"modified": "2023-03-07T15:30:38Z",
"published": "2023-02-27T15:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23109"
},
{
"type": "WEB",
"url": "https://github.com/colinbourassa/crasm/pull/7"
},
{
"type": "WEB",
"url": "https://github.com/WhatTheFuzz/crasm-fuzz/tree/a020ad6ad99a72ca373f7dd1aab3a61a7c87fd66/bug-floating-point-exception"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-8CGV-6QHM-JGP2
Vulnerability from github – Published: 2024-11-09 12:30 – Updated: 2025-11-04 00:31In the Linux kernel, the following vulnerability has been resolved:
iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr()
In the ad7124_write_raw() function, parameter val can potentially be zero. This may lead to a division by zero when DIV_ROUND_CLOSEST() is called within ad7124_set_channel_odr(). The ad7124_write_raw() function is invoked through the sequence: iio_write_channel_raw() -> iio_write_channel_attribute() -> iio_channel_write(), with no checks in place to ensure val is non-zero.
{
"affected": [],
"aliases": [
"CVE-2024-50232"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-09T11:15:09Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ad7124: fix division by zero in ad7124_set_channel_odr()\n\nIn the ad7124_write_raw() function, parameter val can potentially\nbe zero. This may lead to a division by zero when DIV_ROUND_CLOSEST()\nis called within ad7124_set_channel_odr(). The ad7124_write_raw()\nfunction is invoked through the sequence: iio_write_channel_raw() -\u003e\niio_write_channel_attribute() -\u003e iio_channel_write(), with no checks\nin place to ensure val is non-zero.",
"id": "GHSA-8cgv-6qhm-jgp2",
"modified": "2025-11-04T00:31:59Z",
"published": "2024-11-09T12:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50232"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0ac0beb4235a9a474f681280a3bd4e2a5bb66569"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3dc0eda2cd5c653b162852ae5f0631bfe4ca5e95"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4f588fffc307a4bc2761aee6ff275bb4b433e451"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/efa353ae1b0541981bc96dbf2e586387d0392baa"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f51343f346e6abde094548a7fb34472b0d4cae91"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.