CVE-2025-3000 PyTorch torch.jit.script memory corruption

🗓️ 31 Mar 2025 15:00:10Reported by VulDBType

Critical memory corruption vulnerability in PyTorch 2.6.0 via torch.jit.script affects local host.

Reporter	Title	Published	Views	Family All 29
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl	20 Sep 202511:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in torch-2.6.0-cp313-cp313-manylinux1_x86_64.whl	22 Oct 202511:02	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM watsonx Code Assistant On Prem	22 Jul 202512:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption.	9 May 202509:03	–	ibm
Circl	CVE-2025-3000	31 Mar 202515:31	–	circl
CNNVD	PyTorch 缓冲区错误漏洞	31 Mar 202500:00	–	cnnvd
CNVD	PyTorch torch.jit.script function buffer overflow vulnerability	9 Apr 202500:00	–	cnvd
CVE	CVE-2025-3000	31 Mar 202515:00	–	cve
Debian CVE	CVE-2025-3000	31 Mar 202515:00	–	debiancve
EUVD	EUVD-2025-8759	3 Oct 202520:07	–	euvd

[
  {
    "vendor": "n/a",
    "product": "PyTorch",
    "versions": [
      {
        "version": "2.6.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/pytorch/pytorch/issues/149623
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/pytorch/pytorch/issues/149623

31 Mar 2025 15:00Current

CVSS 24.3

CVSS 44.8

CVSS 3.15.3

CVSS 35.3

EPSS0.00081

CWE-119

vulnerability pytorch security memory corruption local host