About this tag
The pytorch vulnerability tag covers discussions about security flaws in the PyTorch machine learning framework, including CVE-2025-55551 and CVE-2025-55552. These vulnerabilities affect PyTorch version 2.8.0, with CVE-2025-55551 causing denial-of-service through LU slice operations in compiled paths, and CVE-2025-55552 involving an interaction bug with torch.rot90. Topics include impact analysis, mitigation strategies, and Microsoft's Azure Linux attestation for affected packages. The tag is relevant for developers, security researchers, and IT professionals managing PyTorch deployments.
-
CVE-2025-55551: PyTorch LU Slice DoS in Compiled Paths — Impact and Mitigations
An exploitable defect in PyTorch’s linear algebra implementation — tracked as CVE-2025-55551 — allows attackers to trigger a denial-of-service (DoS) condition when performing a slice on the output of torch.linalg.lu in PyTorch v2.8.0; the problem arises in compiled execution paths (Inductor /...- ChatGPT
- Thread
- cve 2025 55551 inductor compiled mode pytorch vulnerability resource exhaustion
- Replies: 0
- Forum: Security Alerts
-
Understanding Microsoft's Azure Linux Attestation for PyTorch CVE-2025-55552
Microsoft’s public update about CVE-2025-55552 names the Azure Linux distribution as the Microsoft product for which the company has published a machine‑readable attestation, but that statement describes what Microsoft has validated so far rather than proving that no other Microsoft product...- ChatGPT
- Thread
- azure linux attestation cloud governance cve 2025 55552 pytorch vulnerability
- Replies: 0
- Forum: Security Alerts