Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch [CVE-2025-2953]
Summary: IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch, due to an issue found in PyTorch 2.6.0+cu124 that affects the function torch.mkldnnmaxpool2d (CVE-2025-2953). PyTorch is used in our service runtimes. This vulnerability has been...
In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results.
...
DEBIAN-CVE-2025-46150
In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...
CVE-2025-46150
In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...
Use of Out-of-range Pointer Offset
Overview: Affected versions of this package are vulnerable to Use of Out-of-range Pointer Offset via the fractionalmaxpool function in torch.nn.FractionalMaxPool2d component when used with torch.compile. An attacker can cause inconsistent computational results by exploiting this behavior,...
Use of Out-of-range Pointer Offset
Overview: torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration. Affected versions of this package are vulnerable to Use of Out-of-range Pointer Offset via the fractionalmaxpool function in torch.nn.FractionalMaxPool2d component when used with torch.compile. An...
CVE-2025-46150
In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...
CVE-2025-46150
CVE-2025-46150 is referenced in a connected IBM bulletin as affecting PyTorch: prior to 2.7.0, using torch.compile can cause FractionalMaxPool2d to produce inconsistent results. The IBM document lists the CVE entry and its description but provides no technical details on root cause, vulnerable vers...
PT-2025-39381
Name of the Vulnerable Software and Affected Versions: PyTorch versions prior to 2.7.0. Description: When torch.compile is used, the FractionalMaxPool2d function exhibits inconsistent results. This issue affects the accuracy of computations involving this specific function within the PyTorch...
CVE-2025-46150
In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...
AZL-60931 CVE-2025-2953 affecting package pytorch for versions less than 2.0.0-9
A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...
UBUNTU-CVE-2025-2953
A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...
PyTorch Security Vulnerability
PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a denial of service vulnerability caused by a floating point exception in the function torch.mkldnnmaxpool2d. An attacker can exploit this vulnerability to cause a denial of service...
TensorFlow has double free in Fractional(Max/Avg)Pool
...
GHSA-F49C-87JH-G47Q TensorFlow has double free in Fractional(Max/Avg)Pool
Impact nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported. python import tensorflow as tf import os import numpy as np from...
SUSE CVE-2021-29573
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax is vulnerable to a division by 0. The...
SUSE CVE-2021-29580
TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalMaxPoolGrad triggers an undefined behavior if one of the input tensors is empty. The code is also vulnerable to a denial of service attack as a CHECK condition becomes false and aborts...
SUSE CVE-2022-21739
Tensorflow is an Open Source Machine Learning Framework. The implementation of QuantizedMaxPool has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow...
SUSE CVE-2022-35989
TensorFlow is an open source platform for machine learning. When MaxPool receives a window size input array ksize with dimensions greater than its input tensor input, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub comm...
FractionalMaxPool and FractionalAVGPool heap out-of-bounds access in Tensorflow
...