CNNVD-202509-3969 Information

CNNVD ID

CNNVD-202509-3969

Related CVE

CVE-2025-46150

• CNNVD Published: 2025-09-25

Description (Chinese)

PyTorch是PyTorch开源的一个 Python 包。 PyTorch 2.7.0之前版本存在安全漏洞，该漏洞源于使用torch.compile时FractionalMaxPool2d产生不一致结果。

Description (English)

PyTorch is a Python package for PyTorch open source. There was a security loophole in the pre-PyTorch 2.7.0, which resulted from inconsistent results from Fracingal MaxPool2d when it was used at the Torch.compile.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PyTorch

Published

2025-09-25

Last Modified

2026-02-24

References

https://gist.github.com/shaoyuyoung/4bcefba4004f8271e64b5185c95a248a https://github.com/pytorch/pytorch/issues/141538 https://github.com/pytorch/pytorch/issues/141538#issuecomment-2537424658 https://github.com/pytorch/pytorch/pull/144395

Patch

https://pytorch.org/get-started/previous-versions/?ajs_aid=277996d0-7b09-4ed6-9cea-e4ec582778fb