CVE-2025-55558

A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and is compiled by Inductor, leading to a Denial of Service (DoS).

References

Affected packages

Git / github.com/pytorch/pytorch

Affected ranges

Type

GIT

Repo

https://github.com/pytorch/pytorch

Events

Introduced

Last affected

134179474539648ba7dee1317959529fbd0e7f89

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7.0"
        }
    ]
}

Affected versions

Other

bc2caa7fdf006894eff7af936babde69ab5a40f8-huydhn-debug

ciflow/inductor/3b9a386

ciflow/inductor/3d4b92b

ciflow/inductor/d224ac7

ciflow/periodic/054a2fd

ciflow/periodic/2a6d37d

ciflow/periodic/317eeb8

ciflow/periodic/3c32

ciflow/periodic/3e98831

ciflow/periodic/94512-point

ciflow/periodic/csl/test87519

ciflow/periodic/csltest88275

ciflow/periodic/csltest88761

ciflow/periodic/sha-ec5b83

ciflow/slow/01c7106

ciflow/slow/0577043

ciflow/slow/0d5b74da0cab798fbfdb9caa53fad816999c8386-sdym

ciflow/slow/0e81104

ciflow/slow/1732077

ciflow/slow/187eb7c

ciflow/slow/1faef89

ciflow/slow/3920ec1

ciflow/slow/3b7c6b2

ciflow/slow/59a3759

ciflow/slow/70ef0bb

ciflow/slow/788ff06

ciflow/slow/8751002215790a3a88750faa8f4366933e296693-sdym

ciflow/slow/9d85864

ciflow/slow/9ffad5b

ciflow/slow/a206e8b

ciflow/slow/a837609

ciflow/slow/af841f3

ciflow/slow/da3aba1e46157c4df504b067477cdf2b3c96b194-sdym

ciflow/unstable/123

cslpull75

cslpull76

cslpull77

cslpull78

cslpull79

cslpull80

cslpull81

cslpull82

cslpull83

cslpull84

cslpull85

cslpull86

cslpull87

cslpull88

cslpull89

cslpull90

cslpull91

cslpull92

forpull1

malfet/tag-2ef5611

malfet/tag-317b1a0

malfet/tag-ec6f767

nightly-binary

v0.*

v0.1.1

v0.1.10

v0.1.11

v0.1.2

v0.1.3

v0.1.4

v0.1.5

v0.1.6

v0.1.7

v0.1.8

v0.1.9

v1.*

v1.0.0a0

v1.0rc0

v1.0rc1

v1.1.0a0

v1.2.0a0

v1.3.0a0

v1.4.0a0

v1.8.0-rc1

v2.*

v2.7.0

v2.7.0-rc1

v2.7.0-rc10

v2.7.0-rc2

v2.7.0-rc3

v2.7.0-rc4

v2.7.0-rc5

v2.7.0-rc6

v2.7.0-rc7

v2.7.0-rc8

v2.7.0-rc9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-55558.json"