AZL-67968

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-67968.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-67968

Upstream

CVE-2025-55560

Published

2025-09-25T16:15:35Z

Modified

2026-04-21T04:38:18.562272Z

Summary

CVE-2025-55560 affecting package pytorch for versions less than 2.2.2-9

Details

An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.tosparse() and torch.Tensor.todense() and is compiled by Inductor.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-55560

Affected packages

Azure Linux:3 / pytorch

Package

Name: pytorch
Purl: pkg:rpm/azure-linux/pytorch

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.2-9

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-67968.json"