PyTorch Tuple Handler is Vulnerable to Memory Corruption through Manipulation of None Argument

GHSA-c678-jfcj-6jmf · BIT-pytorch-2025-2148 · CVE-2025-2148 · PYSEC-2025-189

Published Mar 10, 2025 · Modified Jun 9, 2026

Description

A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler._call_end_callbacks_on_jit_fut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2025-2148
WEB https://github.com/pytorch/pytorch/issues/147722
WEB https://github.com/pypa/advisory-database/tree/main/vulns/torch/PYSEC-2025-189.yaml
PACKAGE https://github.com/pytorch/pytorch
WEB https://github.com/pytorch/pytorch/blob/b0a67c7495bb11ecb23e556058db059ba48354af/torch/autograd/profiler.py#L990
WEB https://vuldb.com/?ctiid.299059
WEB https://vuldb.com/?id.299059
WEB https://vuldb.com/?submit.505959

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes