VYPR
Medium severity5.0NVD Advisory· Published Mar 10, 2025· Updated Jun 17, 2026

CVE-2025-2148

CVE-2025-2148

Description

A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler._call_end_callbacks_on_jit_fut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
torchPyPI
<= 2.6.0

Affected products

4
  • Pytorch/Pytorchllm-fuzzy2 versions
    =2.6.0+cu124+ 1 more
    • (no CPE)range: =2.6.0+cu124
    • (no CPE)range: 2.6.0+cu124
  • osv-coords2 versions
    >= 2.6.0, < 2.7.0+ 1 more
    • (no CPE)range: >= 2.6.0, < 2.7.0
    • (no CPE)range: <= 2.6.0

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.