CNNVD-202509-3967 Information
CNNVD ID
CNNVD-202509-3967
Related CVE
- CNNVD Published: 2025-09-25
Description (Chinese)
PyTorch是PyTorch开源的一个 Python 包。 PyTorch 3.7.0之前版本存在安全漏洞,该漏洞源于bernoulli_p分解函数与CPU实现不一致,可能影响nn.Dropout1d、nn.Dropout2d和nn.Dropout3d功能。
Description (English)
PyTorch is a Python package for PyTorch open source. There is a security loophole in the pre-PyTorch 3.7.0, which stems from the inconsistency between the Bernoulli p decomposition function and the CPU, which may affect the functions of nn.Dropout1d, nn.Dropout2d and nn.Dropout3d.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
PyTorch
Published
2025-09-25
Last Modified
2026-02-24
References
https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a https://gist.github.com/shaoyuyoung/e636f2e7a306105b7e96809e2b85c28a https://github.com/pytorch/pytorch/compare/v2.6.0…v2.7.0 https://github.com/pytorch/pytorch/issues/142853 https://github.com/pytorch/pytorch/pull/143460
Patch
https://pytorch.org/get-started/previous-versions/?ajs_aid=277996d0-7b09-4ed6-9cea-e4ec582778fb
Share on: