—
PYSEC-2025-197
상세
A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
PyPI / torch
최초 영향 버전:
0 No fixed version published yet for torch (pip). Pin to a known-safe version or switch to an alternative.
참고
- https://vuldb.com/?id.303041 [ADVISORY]
- https://github.com/ARPANET-cybersecurity/vuldb/issues/2 [REPORT]
- https://github.com/pytorch/pytorch/issues/149821 [REPORT]
- https://github.com/pytorch/pytorch/issues/149821#issue-2940838975 [REPORT]
- https://github.com/pytorch/pytorch/issues/149821#issuecomment-2765311086 [REPORT]
- https://vuldb.com/?ctiid.303041 [REPORT]
- https://vuldb.com/?submit.525252 [EVIDENCE]