vulnerability

Debian: CVE-2025-2953: pytorch -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:S/C:N/I:N/A:P)	Mar 30, 2025	May 15, 2025	Aug 15, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:P)

Published

Mar 30, 2025

Added

May 15, 2025

Modified

Aug 15, 2025

Description

A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnn_max_pool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The security policy of the project warns to use unknown models which might establish malicious effects.

Solution

no-fix-debian-deb-package

References

CVE-2025-2953
https://attackerkb.com/topics/CVE-2025-2953
CWE-404

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today