CVE-2025-3730

CVE-2025-3730 affects PyTorch 2.6.0 in multiple IBM advisories and related deployments, notably the torch.nn.functional.ctc_loss path in LossCTC.cpp, which can cause local-denial-of-service. IBM docs consistently reference the same patching signal (46fc5d8e360127361211cb237d5f9eef0223e567) and pr...

CVE-2025-3730 PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

CVE-2025-3730 PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

BIT-PYTORCH-2025-2953 PyTorch torch.mkldnn_max_pool2d denial of service

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnnmaxpool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be...

PT-2025-39403

Name of the Vulnerable Software and Affected Versions pytorch version 2.8.0 Description An issue in the torch.linalg.lu component allows attackers to cause a Denial of Service DoS when performing a slice operation. Recommendations At the moment, there is no information about a newer version that...

PT-2025-16902 · Pytorch +1 · Pytorch +1

Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0 Description: A problematic issue was found in the torch.nn.functional.ctc loss function, located in the file aten/src/ATen/native/LossCTC.cpp. This issue leads to denial of service and can be exploited locally...

PyTorch 安全漏洞

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a denial of service vulnerability caused by a floating point exception in torch.nn.functional.ctcloss. An attacker can exploit this vulnerability to cause a denial of service...

PyTorch torch.nn.utils.rnn.pad_packed_sequence function buffer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a buffer overflow vulnerability that stems from the failure of the function torch.nn.utils.rnn.padpackedsequence to properly validate the length size of input data, which can be exploited by an attacker to execute arbitrary...

PyTorch torch.lstm_cell function buffer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch has a buffer overflow vulnerability that stems from the failure of the function torch.lstmcell to properly validate the length size of the input data, which can be exploited by an attacker to execute arbitrary code on the system or caus...

PyTorch torch.jit.script function buffer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a buffer error vulnerability that stems from the failure of the function torch.jit.script to properly validate the length size of input data, which can be exploited by an attacker to execute arbitrary code on the system or...

PyTorch torch.nn.utils.rnn.unpack_sequence function buffer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a buffer overflow vulnerability that stems from the failure of the function torch.nn.utils.rnn.unpacksequence to properly validate the length size of input data, which can be exploited by an attacker to execute arbitrary co...

Unspecified vulnerability in PyTorch torch.jit.jit_module_from_flatbuffer function

PyTorch is a Python package open-sourced by PyTorch. A security vulnerability exists in the PyTorch torch.jit.jitmodulefromflatbuffer function, which can be exploited by attackers to cause memory corruption...

SUSE CVE-2025-2998

A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.padpackedsequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the...

SUSE CVE-2025-2999

A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpacksequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

SUSE CVE-2025-3001

A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstmcell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used...

SUSE CVE-2025-3121

A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jitmodulefromflatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used...

SUSE CVE-2025-3136

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.cachingallocatordelete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation via the loadweightckpt function. An attacker can manipulate the deserialization process by providing malicious input to the PT File Handler component. Remediation There is no fixed version for lmdeploy...

Mismatched Memory Management Routines

Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Mismatched Memory Management Routines through the torch.cuda.memory.cachingallocatordelete function. An attacker can corrupt memory by manipulating th...

PYSEC-2025-197

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.cachingallocatordelete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The...