You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
pytorch vulnerability
About this tag
The pytorch vulnerability tag covers discussions about security flaws in the PyTorch machine learning framework, including CVE-2025-55551 and CVE-2025-55552. These vulnerabilities affect PyTorch version 2.8.0, with CVE-2025-55551 causing denial-of-service through LU slice operations in compiled paths, and CVE-2025-55552 involving an interaction bug with torch.rot90. Topics include impact analysis, mitigation strategies, and Microsoft's Azure Linux attestation for affected packages. The tag is relevant for developers, security researchers, and IT professionals managing PyTorch deployments.
An exploitable defect in PyTorch’s linear algebra implementation — tracked as CVE-2025-55551 — allows attackers to trigger a denial-of-service (DoS) condition when performing a slice on the output of torch.linalg.lu in PyTorch v2.8.0; the problem arises in compiled execution paths (Inductor /...
Microsoft’s public update about CVE-2025-55552 names the Azure Linux distribution as the Microsoft product for which the company has published a machine‑readable attestation, but that statement describes what Microsoft has validated so far rather than proving that no other Microsoft product...