—

PYSEC-2025-192

상세

A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / torch

최초 영향 버전: 0

No fixed version published yet for torch (pip). Pin to a known-safe version or switch to an alternative.

참고

https://vuldb.com/?id.302047 [ADVISORY]
https://vuldb.com/?submit.524151 [ADVISORY]
https://github.com/pytorch/pytorch/issues/149622 [REPORT]
https://github.com/pytorch/pytorch/issues/149622#issue-2935495265 [REPORT]
https://vuldb.com/?ctiid.302047 [REPORT]