Lucene search
K

53 matches found

OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-984 `FractionalMaxPoolGrad` Heap out of bounds read

Impact If FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash. python import tensorflow as tf tf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...

4.8CVSS6.9AI score0.0044EPSS
Exploits1References7
OSV
OSV
added 2026/07/07 10:17 a.m.1 views

PYSEC-2026-1049 FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess

Impact An input poolingratio that is smaller than 1 will trigger a heap OOB in tf.rawops.FractionalMaxPool and tf.rawops.FractionalAvgPool. Patches We have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48. The fix will be included in TensorFlow 2.11.0. We will also cher...

7.1CVSS6AI score0.00579EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/17 2:13 p.m.5 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch [CVE-2025-2953]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Resource Shutdown or Release in PyTorch, due to an issue found in PyTorch 2.6.0+cu124 that affects the function torch.mkldnnmaxpool2d CVE-2025-2953. PyTorch is used in our service runtimes. This vulnerabilitiy has been...

5.5CVSS6AI score0.00237EPSS
Exploits1Affected Software1
Microsoft CVE
Microsoft CVE
added 2025/10/02 1:5 a.m.9 views

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results.

...

5.3CVSS7AI score0.0036EPSS
Exploits0
OSV
OSV
added 2025/09/25 3:16 p.m.4 views

DEBIAN-CVE-2025-46150

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...

5.3CVSS5.2AI score0.0036EPSS
Exploits0References1
Snyk
Snyk
added 2025/09/25 2:44 p.m.5 views

Use of Out-of-range Pointer Offset

Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Use of Out-of-range Pointer Offset via the fractionalmaxpool function in torch.nn.FractionalMaxPool2d component when used with torch.compile. An...

6.9CVSS6.9AI score0.0036EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/25 2:44 p.m.3 views

Use of Out-of-range Pointer Offset

Overview Affected versions of this package are vulnerable to Use of Out-of-range Pointer Offset via the fractionalmaxpool function in torch.nn.FractionalMaxPool2d component when used with torch.compile. An attacker can cause inconsistent computational results by exploiting this behavior,...

6.9CVSS7AI score0.0036EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.7 views

PT-2025-39381

Name of the Vulnerable Software and Affected Versions PyTorch versions prior to 2.7.0 Description When torch.compile is used, the FractionalMaxPool2d function exhibits inconsistent results. This issue affects the accuracy of computations involving this specific function within the PyTorch...

5.3CVSS6.5AI score0.0036EPSS
Exploits0References18
Vulnrichment
Vulnrichment
added 2025/09/25 12:0 a.m.3 views

CVE-2025-46150

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...

6.6AI score0.0036EPSS
Exploits0References4
CVE
CVE
added 2025/09/25 12:0 a.m.35 views

CVE-2025-46150

CVE-2025-46150 is referenced in connected IBM bulletin as affecting PyTorch: prior to 2.7.0, using torch.compile can cause FractionalMaxPool2d to produce inconsistent results. The IBM document lists the CVE entry and its description but provides no technical details on root cause, vulnerable vers...

5.3CVSS6.6AI score0.0036EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2025/09/25 12:0 a.m.4 views

CVE-2025-46150

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...

5.3CVSS5.2AI score0.0036EPSS
Exploits0
OSV
OSV
added 2025/09/25 12:0 a.m.6 views

CVE-2025-46150

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...

5.3CVSS7AI score0.0036EPSS
Exploits0References6
OSV
OSV
added 2025/03/30 4:15 p.m.9 views

AZL-60931 CVE-2025-2953 affecting package pytorch for versions less than 2.0.0-9

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

5.5CVSS5.9AI score0.00237EPSS
Exploits1References1
OSV
OSV
added 2025/03/30 4:15 p.m.9 views

UBUNTU-CVE-2025-2953

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

5.5CVSS5.3AI score0.00237EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/03/30 12:0 a.m.4 views

PyTorch 安全漏洞

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a denial of service vulnerability caused by a floating point exception in the function torch.mkldnnmaxpool2d. An attacker can exploit this vulnerability to cause a denial of service...

5.5CVSS6.7AI score0.00237EPSS
Exploits1References6
Microsoft CVE
Microsoft CVE
added 2024/06/30 2:0 p.m.4 views

TensorFlow has double free in Fractional(Max/Avg)Pool

...

8CVSS6.4AI score0.00148EPSS
Exploits0
OSV
OSV
added 2023/03/24 9:53 p.m.6 views

GHSA-F49C-87JH-G47Q TensorFlow has double free in Fractional(Max/Avg)Pool

Impact nnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported. python import tensorflow as tf import os import numpy as np from...

8CVSS6.7AI score0.00148EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.2 views

SUSE CVE-2021-29573

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.MaxPoolGradWithArgmax is vulnerable to a division by 0. The...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:43 a.m.4 views

SUSE CVE-2021-29580

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.rawops.FractionalMaxPoolGrad triggers an undefined behavior if one of the input tensors is empty. The code is also vulnerable to a denial of service attack as a CHECK condition becomes false and aborts...

5.5CVSS5.6AI score0.00189EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:29 a.m.3 views

SUSE CVE-2022-21739

Tensorflow is an Open Source Machine Learning Framework. The implementation of QuantizedMaxPool has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow...

6.5CVSS6.4AI score0.00783EPSS
Exploits1References3
Rows per page
Query Builder