CVE-2025-55560

Опубликовано: 25 сент. 2025

Источник: debian

EPSS Низкий

Описание

An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.

Пакеты

Пакет	Статус	Релиз	Тип
pytorch	unfixed		package
pytorch	no-dsa	trixie	package
pytorch	no-dsa	bookworm	package

Примечания

https://github.com/pytorch/pytorch/issues/151522
https://github.com/pytorch/pytorch/pull/151897
https://github.com/pytorch/pytorch/commit/225742838bcbf4656a90010257062188f7fcae82 (v2.8.0-rc1)

EPSS

Процентиль: 15%

0.0005

Низкий

Связанные уязвимости

CVE-2025-55560

CVSS3: 7.5

ubuntu

около 1 месяца назад

An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.

CVE-2025-55560

CVSS3: 7.5

nvd

около 1 месяца назад

An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.

CVE-2025-55560

msrc

около 1 месяца назад

An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.

GHSA-mxhp-68x5-j3fx

CVSS3: 7.5

github

около 1 месяца назад

An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.

BDU:2025-12837

CVSS3: 7.5

fstec

7 месяцев назад

Уязвимость методов torch.Tensor.to_sparse() и torch.Tensor.to_dense() фреймворка машинного обучения PyTorch, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 15%

0.0005

Низкий