CVE-2025-2953
Denial of Service (DoS) vulnerability in torch (PyPI)

Denial of Service (DoS). Exploit status: the upstream advisory states that the exploit has been publicly disclosed; no proof-of-concept is catalogued on this page.

What is CVE-2025-2953 About?

A Denial of Service (DoS) vulnerability has been identified in PyTorch 2.6.0+cu124, in the `torch.mkldnn_max_pool2d` function. Crafted arguments passed to this function crash the process that calls it, so any local attacker able to run PyTorch code can take down the application. The exploit has been publicly disclosed.

Affected Software

torch <2.7.1-rc1

Technical Details

The vulnerability resides in the torch.mkldnn_max_pool2d function within PyTorch 2.6.0+cu124. The public advisory does not give the root cause; the reported behaviour is that specific inputs to this function make the PyTorch process terminate or become unresponsive instead of failing cleanly with a Python exception. Candidate causes for a crash of this kind in a native pooling kernel are missing validation of the pooling parameters (kernel size, stride, padding, dilation) or of the input tensor's shape, a memory-handling error during the MKL-DNN max-pooling operation, or an unhandled edge case that produces a fault or a non-terminating loop. Whatever the underlying programming error, the outcome is a denial of service: the application crashes or freezes.
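The advisory does not say which argument triggers the crash, so what follows is not a reproducer. It is an added example, not code from the PyTorch project or from this page, of the defence-in-depth check a practitioner can put in front of any pooling call that receives untrusted parameters: it re-implements the max_pool2d output-size formula and the parameter constraints PyTorch documents (kernel size, stride and dilation at least 1, padding at most half the kernel size, positive output size) in pure Python so it runs without torch. The names `validate_pool2d_params` and `max_pool2d_reference` and the 4x4 sample input are chosen here. Rejecting parameters at the Python layer does not replace the upgrade; it only keeps malformed windows (zero stride, a kernel larger than the input, oversized padding) from reaching a native kernel at all.

```python
import math

NEG_INF = -math.inf  # max-pooling pads with -inf, so padded cells never win


def _pair(value):
    """Accept an int or a 2-sequence, as the torch pooling APIs do."""
    if isinstance(value, int):
        return (value, value)
    value = tuple(value)
    if len(value) != 2 or not all(isinstance(v, int) for v in value):
        raise ValueError(f"expected an int or a pair of ints, got {value!r}")
    return value


def pool2d_output_size(size, kernel, stride, padding, dilation):
    """Output length along one axis (ceil_mode=False):
    floor((size + 2*pad - dil*(k-1) - 1) / stride) + 1."""
    return (size + 2 * padding - dilation * (kernel - 1) - 1) // stride + 1


def validate_pool2d_params(input_hw, kernel_size, stride=None, padding=0, dilation=1):
    """Return (H_out, W_out), or raise ValueError when the parameters cannot
    describe a valid pooling window over an input of spatial size (H, W).
    The constraints mirror the ones PyTorch documents for max_pool2d."""
    k = _pair(kernel_size)
    s = _pair(stride) if stride is not None else k  # torch default: stride = kernel_size
    p = _pair(padding)
    d = _pair(dilation)
    if len(input_hw) != 2 or any(n < 1 for n in input_hw):
        raise ValueError(f"input must have two positive spatial dims, got {input_hw!r}")
    out = []
    for axis, n, kk, ss, pp, dd in zip(("height", "width"), input_hw, k, s, p, d):
        if kk < 1:
            raise ValueError(f"{axis}: kernel size must be >= 1, got {kk}")
        if ss < 1:
            # a zero stride would divide by zero in the output-size formula
            raise ValueError(f"{axis}: stride must be >= 1, got {ss}")
        if dd < 1:
            raise ValueError(f"{axis}: dilation must be >= 1, got {dd}")
        if pp < 0 or 2 * pp > kk:
            raise ValueError(f"{axis}: padding must be between 0 and half the kernel size, got {pp}")
        o = pool2d_output_size(n, kk, ss, pp, dd)
        if o < 1:
            raise ValueError(f"{axis}: window of size {kk} (dilation {dd}) does not fit input {n}")
        out.append(o)
    return tuple(out)


def max_pool2d_reference(matrix, kernel_size, stride=None, padding=0, dilation=1):
    """Pure-Python max pooling over a list of lists, guarded by the validator."""
    h, w = len(matrix), len(matrix[0])
    k, p, d = _pair(kernel_size), _pair(padding), _pair(dilation)
    s = _pair(stride) if stride is not None else k
    h_out, w_out = validate_pool2d_params((h, w), k, s, p, d)
    result = []
    for i in range(h_out):
        row = []
        for j in range(w_out):
            best = NEG_INF
            for a in range(k[0]):
                r = i * s[0] - p[0] + a * d[0]
                if not 0 <= r < h:
                    continue  # falls in the -inf padding region
                for b in range(k[1]):
                    c = j * s[1] - p[1] + b * d[1]
                    if 0 <= c < w:
                        best = max(best, matrix[r][c])
            row.append(best)
        result.append(row)
    return result


if __name__ == "__main__":
    # Constructed 4x4 input; a 2x2 window with stride 2 yields [[6, 8], [14, 16]].
    sample = [[1, 2, 3, 4], [5, 6, 7, 8], [9, 10, 11, 12], [13, 14, 15, 16]]
    print(max_pool2d_reference(sample, 2))
    for bad in ({"kernel_size": 3, "stride": 1},                 # window larger than input
                {"kernel_size": 2, "stride": 0},                 # zero stride
                {"kernel_size": 2, "stride": 2, "padding": 2}):  # padding > k/2
        try:
            validate_pool2d_params((2, 2), **bad)
        except ValueError as exc:
            print("rejected:", exc)
```

The validator is the part worth keeping: in a service that accepts layer parameters or model definitions from clients, run it before constructing the pooling op, and treat a rejection as a client error rather than letting the request reach native code.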

What is the Impact of CVE-2025-2953?

Successful exploitation allows an attacker to crash or hang the PyTorch process, denying service to legitimate computations and users. The reported impact is limited to availability.

What is the Exploitability of CVE-2025-2953?

Exploitation requires local access: the attacker must be able to execute PyTorch code on the target system, and that is also the only privilege needed; no further authentication is required. The complexity is moderate, since triggering the crash means supplying specific inputs to torch.mkldnn_max_pool2d. The exploit has been publicly disclosed, which increases the likelihood of attack. In practice the risk concentrates in environments where untrusted users can run code on hosts with PyTorch, and in services that forward attacker-controlled model definitions or layer parameters to this function, since those effectively hand a remote party the same local execution capability.

What are the Known Public Exploits?

No proof-of-concept is catalogued on this page. The upstream advisory states that an exploit has been publicly disclosed.

What are the Available Fixes for CVE-2025-2953?

Available Upgrade Options

  • torch
    • <2.7.1-rc1 → Upgrade to 2.7.1-rc1 or any later release
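Checking an installed torch against the fixed version is less obvious than it looks, because torch version strings carry a local build tag ("2.6.0+cu124", "2.7.1+cpu") and the fix boundary is a pre-release ("2.7.1-rc1", normalised by PEP 440 to "2.7.1rc1"): 2.7.0 is below it, 2.7.1rc1 and 2.7.1 are at or above it. The following is an added example, not code from this page or from the PyTorch project, that orders those forms correctly without depending on the `packaging` library; it handles release, a/b/rc pre-release and local segments only, and rejects other forms such as nightly ".dev" builds with a ValueError. `version_key`, `is_affected` and `installed_torch_version` are names chosen here.

```python
import re

# Fixed version from this advisory: the page writes it as "2.7.1-rc1",
# which PEP 440 normalises to "2.7.1rc1".
FIXED_VERSION = "2.7.1rc1"

_VERSION_RE = re.compile(
    r"^(?P<release>\d+(?:\.\d+)*)"              # release segment, e.g. 2.6.0
    r"(?:[-._]?(?P<pre>a|b|rc)(?P<num>\d+))?"  # optional pre-release: rc1, -rc1, .rc1
    r"(?:\+[0-9A-Za-z.]+)?$"                    # optional local segment: +cu124, +cpu
)
_PRE_RANK = {"a": 0, "b": 1, "rc": 2}


def version_key(version):
    """Sortable key for the version forms torch actually ships.
    The local segment (+cu124) is ignored for ordering, and a final release
    sorts after every pre-release of the same number."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unsupported version string: {version!r}")
    release = tuple(int(part) for part in m.group("release").split("."))
    release += (0,) * (3 - len(release))      # "2.7" compares equal to "2.7.0"
    if m.group("pre") is None:
        return (release, 1, 0, 0)             # final release
    return (release, 0, _PRE_RANK[m.group("pre")], int(m.group("num")))


def is_affected(version, fixed=FIXED_VERSION):
    """True when `version` is below the first fixed release."""
    return version_key(version) < version_key(fixed)


def installed_torch_version():
    """Version string of the importable torch, or None if it is not installed."""
    try:
        import torch
    except ImportError:
        return None
    return torch.__version__


if __name__ == "__main__":
    v = installed_torch_version()
    if v is None:
        print("torch is not installed in this interpreter")
    else:
        verdict = "AFFECTED" if is_affected(v) else "not affected"
        print(f"torch {v}: {verdict} by CVE-2025-2953 (fixed in {FIXED_VERSION})")
```

Run it inside each environment you care about rather than once per host; conda and venv installs commonly carry different torch builds, and the "+cu124" tag only tells you which CUDA wheel was installed, not whether it is patched.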


Additional Resources

What are Similar Vulnerabilities to CVE-2025-2953?

Similar Vulnerabilities: CVE-2023-49033, CVE-2023-49038, CVE-2023-49040, CVE-2023-49039, CVE-2023-49035