CVE-2025-2148

Low CVSS: 2.3

A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler._call_end_callbacks_on_jit_fut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult.

Vendor

Linuxfoundation

Product

Pytorch

CWE

CWE-119

Yayın Tarihi

2025-03-10 12:15:12

Güncelleme

2026-02-24 19:52:04

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Pytorch LOW Linuxfoundation 2025

Referanslar

https://github.com/pytorch/pytorch/issues/147722 https://vuldb.com/?ctiid.299059 https://vuldb.com/?id.299059 https://vuldb.com/?submit.505959 https://github.com/pytorch/pytorch/issues/147722

Benzer Kayıtlar

Critical

CVE-2026-33701

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. I…

Medium

CVE-2026-33015

EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop…

High

CVE-2026-33009

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to C++ UB (potential memo…

Medium

CVE-2026-33014

EVerest is an EV charging software stack. Prior to version 2026.02.0, during RemoteStop processing, a delayed authorizat…

Medium

CVE-2026-27815

EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118_chargerImpl::handle_session_setup cop…

Medium

CVE-2026-27816

EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118_chargerImpl::handle_update_energy_tra…