In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results.

...

DEBIAN-CVE-2025-46150

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...

CVE-2025-46150

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...

Use of Out-of-range Pointer Offset

Overview Affected versions of this package are vulnerable to Use of Out-of-range Pointer Offset via the fractionalmaxpool function in torch.nn.FractionalMaxPool2d component when used with torch.compile. An attacker can cause inconsistent computational results by exploiting this behavior,...

Use of Out-of-range Pointer Offset

Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Use of Out-of-range Pointer Offset via the fractionalmaxpool function in torch.nn.FractionalMaxPool2d component when used with torch.compile. An...

PT-2025-39381

Name of the Vulnerable Software and Affected Versions PyTorch versions prior to 2.7.0 Description When torch.compile is used, the FractionalMaxPool2d function exhibits inconsistent results. This issue affects the accuracy of computations involving this specific function within the PyTorch...

CVE-2025-46150

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...

CVE-2025-46150

CVE-2025-46150 is referenced in connected IBM bulletin as affecting PyTorch: prior to 2.7.0, using torch.compile can cause FractionalMaxPool2d to produce inconsistent results. The IBM document lists the CVE entry and its description but provides no technical details on root cause, vulnerable vers...

CVE-2025-46150

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...

TensorFlow has double free in Fractional(Max/Avg)Pool

...

GHSA-F49C-87JH-G47Q TensorFlow has double free in Fractional(Max/Avg)Pool

Impact nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported. python import tensorflow as tf import os import numpy as np from...

SUSE CVE-2021-29580

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalMaxPoolGrad triggers an undefined behavior if one of the input tensors is empty. The code is also vulnerable to a denial of service attack as a CHECK condition becomes false and aborts...

FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess in Tensorflow

...

GHSA-XVWP-H6JV-7472 FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess

Impact An input poolingratio that is smaller than 1 will trigger a heap OOB in tf.rawops.FractionalMaxPool and tf.rawops.FractionalAvgPool. Patches We have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48. The fix will be included in TensorFlow 2.11.0. We will also cher...

GHSA-F2W8-JW48-FR7J `FractionalMaxPoolGrad` Heap out of bounds read

Impact If FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash. python import tensorflow as tf tf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in FractionalMaxAVGPool with illegal poolingratio. Attackers can access heap memory that is not in the user's control, leading to a crash or remote code execution. Remediation Upgrade tensorflow-lite to version 2.12....

Google TensorFlow 缓冲区错误漏洞

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow that causes FractionalMaxAVG Pool to have an illegal poolingratio. attackers using Tensorflow can exploit this vulnerability. They can access heap...

GHSA-VXV8-R8Q2-63XW TensorFlow vulnerable to `CHECK` fail in `FractionalMaxPoolGrad`

Impact FractionalMaxPoolGrad validates its inputs with CHECK failures instead of with returning errors. If it gets incorrectly sized inputs, the CHECK failure can be used to trigger a denial of service attack: python import tensorflow as tf overlapping = True originput = tf.constant.453409232,...

PT-2022-23079 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The issue is related to the FractionalMaxPoolGrad function, which validates its...

Google TensorFlow 安全漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. Google TensorFlow suffers from a security vulnerability that stems from FractionalMaxPoolGrad validating its inputs by asserting a failure instead of returning an error. T...