10 matches found
EUVD-2025-210415
picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolicshapes.ShapeEnv.evaluateguardsexpression function calls in pickle files. Attackers can embed undetected code in pickle files that executes remote code when loaded by victims...
Denial of Service (DoS)
Amendment This was deemed not a vulnerability. Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Denial of Service DoS due to the omission of calling profiler.stop during the finalization process. An...
Inefficient CPU Computation
Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Inefficient CPU Computation due to inconsistent behavior in the bernoullip function when used in RNG nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d. An...
Reachable Assertion
Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Reachable Assertion via the nn.Fold function when used with inductor. An attacker can cause the application to terminate unexpectedly by triggering a...
Security Bulletin: There is a vulnerablity in the torch library affecting IBM watsonx Code Assistant On Prem
Summary There is a vulnerablity in the torch library affecting IBM watsonx Code Assistant On Prem. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2025-32434 DESCRIPTION: PyTorch is a Python package that provides tensor computation with...
Improper Check for Unusual or Exceptional Conditions
Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the ctcloss function in LossCTC.cpp, when running on a CUDA system. An attacker can cause the...
Out-of-bounds Write
Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Out-of-bounds Write through the torch.jit.jitmodulefromflatbuffer function. An attacker can corrupt memory by manipulating the input data to this...
Out-of-bounds Write
Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Out-of-bounds Write due to the torch.lstmcell function. An attacker can corrupt memory by manipulating the function's input. Note: This is only...
Improper Resource Shutdown or Release
Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the torch.mkldnnmaxpool2d function. An attacker can disrupt service by exploiting this vulnerability locally...
UBUNTU-CVE-2024-31584
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbufferloader.cpp...